cvehound

Add CVEs described in commit messages

Open evdenis opened this issue 4 years ago • 0 comments

These are commits with direct references to CVE identifiers and Fixes tags. These commits are easy targets for making rules based on them.

  • [ ] CVE-2021-23133 net/sctp: fix race condition in sctp_destroy_sock https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=b166a20b07382b8bc1dcee2a448715c9c2c81b5b

  • [x] CVE-2021-23134 net/nfc: fix use-after-free llcp_sock_bind/connect https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=c61760e6940dd4039a7f5e84a6afc9cdbf4d82b6

  • [x] CVE-2021-28691 xen-netback: take a reference to the RX task thread https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=107866a8eb0b664675a260f1ba0655010fac1e08

  • [x] CVE-2021-29657 KVM: SVM: load control fields from VMCB12 before checking them https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=a58d9166a756a0f4a6618e4f593232593d6df134

  • [x] CVE-2021-3491 io_uring: truncate lengths larger than MAX_RW_COUNT on provide buffers https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=d1f82808877bb10d3deee7cf3374a4eb3fb582db

  • [ ] CVE-2021-3653 KVM: nSVM: avoid picking up unsupported bits from L2 in int_ctl (CVE-2021-3653) https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=0f923e07124df069ba68d8bb12324398f4b6b709

  • [x] CVE-2021-3656 KVM: nSVM: always intercept VMLOAD/VMSAVE when nested (CVE-2021-3656) https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=c7dfa4009965a9b2d7b329ee970eb8da0d32f0bc

  • [x] CVE-2020-10757 mm: Fix mremap not considering huge pmd devmap https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=5bfea2d9b17f1034a68147a8b03b9789af5700f9

  • [x] CVE-2020-11884 s390/mm: fix page table upgrade vs 2ndary address mode accesses https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=316ec154810960052d4586b634156c54d0778f74

  • [ ] CVE-2020-12888 vfio-pci: Invalidate mmaps and block MMIO access on disabled memory https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=abafbc551fddede3e0a08dee1dcde08fc0eb8476

  • [x] CVE-2020-14331 vgacon: Fix for missing check in scrollback handling https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=ebfdfeeae8c01fcb2b3b74ffaf03876e20835d2d

  • [x] CVE-2020-14386 net/packet: fix overflow in tpacket_rcv https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=acf69c946233259ab4d64f8869d4037a198c7f06

  • [x] CVE-2020-16119 dccp: don't duplicate ccid when cloning dccp sock https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=d9ea761fdd197351890418acd462c51f241014a7

  • [x] CVE-2020-25670 nfc: fix refcount leak in llcp_sock_bind() https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=c33b1cc62ac05c1dbb1cdafe2eb66da01c76ca8d

  • [x] CVE-2020-25671 nfc: fix refcount leak in llcp_sock_connect() https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=8a4cd82d62b5ec7e5482333a72b58a4eea4979f0

  • [x] CVE-2020-25672 nfc: fix memory leak in llcp_sock_connect() https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=7574fcdbdcb335763b6b322f6928dc0fd5730451

  • [x] CVE-2020-27152 KVM: ioapic: break infinite recursion on lazy EOI https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=77377064c3a94911339f13ce113b3abf265e06da

  • [ ] CVE-2020-28374 scsi: target: Fix XCOPY NAA identifier lookup https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=2896c93811e39d63a4d9b63ccf12a8fbc226e5e4

  • [x] CVE-2020-28588 lib/syscall: fix syscall registers retrieval on 32-bit platforms https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=4f134b89a24b965991e7c345b9a4591821f7c2a6

  • [ ] CVE-2020-8647 vgacon: Fix a UAF in vgacon_invert_region https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=513dc792d6060d5ef572e43852683097a8420f56

  • [ ] CVE-2020-8649 vgacon: Fix a UAF in vgacon_invert_region https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=513dc792d6060d5ef572e43852683097a8420f56

  • [ ] CVE-2019-10207 Bluetooth: hci_uart: check for missing tty operations https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=b36a1552d7319bbfd5cf7f08726c23c5c66d4f73

  • [ ] CVE-2019-11477 tcp: limit payload size of sacked skbs https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=3b4929f65b0d8249f19a50245cd88ed1a2f78cff

  • [x] CVE-2019-13648 powerpc/tm: Fix oops on sigreturn on systems without TM https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=f16d80b75a096c52354c6e0a574993f3b0dfbdfe

  • [x] CVE-2019-14821 KVM: coalesced_mmio: add bounds checking https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=b60fe990c6b07ef6d4df67bc0530c7c90a62623a

  • [x] CVE-2019-15030 powerpc/tm: Fix FP/VMX unavailable exceptions inside a transaction https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=8205d5d98ef7f155de211f5e2eb6ca03d95a5a60

  • [x] CVE-2019-15031 powerpc/tm: Fix restoring FP/VMX facility incorrectly on interrupts https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=a8318c13e79badb92bc6640704a64cc022a6eb97

  • [ ] CVE-2019-18660 powerpc/book3s64: Fix link stack flush on context switch https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=39e72bf96f5847ba87cc5bd7a3ce0fed813dc9ad

  • [ ] CVE-2019-19037 ext4: fix ext4_empty_dir() for directories with holes https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=64d4ce892383b2ad6d782e080d25502f91bf2a38

  • [x] CVE-2019-19332 KVM: x86: fix out-of-bounds write in KVM_GET_EMULATED_CPUID (CVE-2019-19332) https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=433f4ba1904100da65a311033f17a9bf586b287e

  • [x] CVE-2019-19448 btrfs: only search for left_info if there is no right_info in try_merge_free_space https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=bf53d4687b8f3f6b752f091eb85f62369a515dfd

  • [x] CVE-2019-19769 locks: fix a potential use-after-free problem when wakeup a waiter https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=6d390e4b5d48ec03bb87e63cf0a2bff5f4e116da

  • [x] CVE-2019-19770 blktrace: fix debugfs use after free https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=bad8e64fb19d3a0de5e564d9a7271c31bd684369

  • [ ] CVE-2019-3819 HID: debug: fix the ring buffer implementation https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=13054abbaa4f1fd4e6f3b4b63439ec033b4c8035

  • [ ] CVE-2019-3900 vhost_net: fix possible infinite loop https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=e2412c07f8f3040593dfb88207865a3cd58680c0

  • [x] CVE-2019-6974 kvm: fix kvm_ioctl_create_device() reference counting (CVE-2019-6974) https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=cfa39381173d5f969daf43582c95ad679189cbc9

  • [ ] CVE-2018-1000200 mm, oom: fix concurrent munlock and oom reaper unmap, v3 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=27ae357fa82be5ab73b2ef8d39dcb8ca2563483a

  • [x] CVE-2018-10840 ext4: correctly handle a zero-length xattr with a non-zero e_value_offs https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=8a2b307c21d4b290e3cbe33f768f194286d07c23

  • [ ] CVE-2018-10853 kvm: x86: use correct privilege level for sgdt/sidt/fxsave/fxrstor access https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=3c9fa24ca7c9c47605672916491f79e8ccacb9e6

  • [x] CVE-2018-1095 ext4: limit xattr size to INT_MAX https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=ce3fd194fcc6fbdc00ce095a852f22df97baa401

  • [x] CVE-2018-1108 random: fix crng_ready() test https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=43838a23a05fbd13e47d750d3dfd77001536dd33

  • [x] CVE-2018-1118 vhost: fix info leak due to uninitialized memory https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=670ae9caaca467ea1bfd325cb2a5c98ba87f94ad

  • [x] CVE-2018-11412 ext4: do not allow external inodes for inline data https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=117166efb1ee8f13c38f9e96b258f16d4923f888

  • [ ] CVE-2018-16880 vhost: fix OOB in get_rx_bufs() https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=b46a0bf78ad7b150ef5910da83859f7f5a514ffd

  • [x] CVE-2018-18955 userns: also map extents in the reverse map to kernel IDs https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=d2f007dbe7e4c9583eea6eb04d60001e85c6f1bd

  • [x] CVE-2018-9363 Bluetooth: hidp: buffer overflow in hidp_process_report https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=7992c18810e568b95c869b227137a2215702a805

  • [x] CVE-2017-1000252 KVM: VMX: Do not BUG() on out-of-bounds guest IRQ https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=3a8b0677fc6180a467e26cc32ce6b0c09a32f9bb

  • [x] CVE-2017-1000255 powerpc/64s: Use emergency stack for kernel TM Bad Thing program checks https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=265e60a170d0a0ecfc2d20490134ed2c48dd45ab

  • [ ] CVE-2017-1000365 fs/exec.c: account for argv/envp pointers https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=98da7d08850fb8bdeb395d6368ed15753304aa0c

  • [ ] CVE-2017-1000370 binfmt_elf: use ELF_ET_DYN_BASE only for PIE https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=eab09532d40090698b05a07c1c87f39fdbc5fab5

  • [ ] CVE-2017-1000371 binfmt_elf: use ELF_ET_DYN_BASE only for PIE https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=eab09532d40090698b05a07c1c87f39fdbc5fab5

  • [x] CVE-2017-1000407 KVM: VMX: remove I/O port 0x80 bypass on Intel hosts https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=d59d51f088014f25c2562de59b9abff4f42a7468

  • [x] CVE-2017-11600 xfrm: policy: check policy direction value https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=7bab09631c2a303f87a7eb7e3d69e888673b9b7e

  • [x] CVE-2017-12153 nl80211: check for the required netlink attributes presence https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=e785fa0a164aa11001cba931367c7f94ffaff888

  • [x] CVE-2017-12188 KVM: nVMX: update last_nonleaf_level when initializing nested EPT https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=fd19d3b45164466a4adce7cbff448ba9189e1427

  • [ ] CVE-2017-12193 assoc_array: Fix a buggy node-splitting case https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=ea6789980fdaa610d7eb63602c746bf6ec70cd2b

  • [x] CVE-2017-16995 bpf: fix incorrect sign extension in check_alu_op() https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=95a762e2c8c942780948091f8f2a4f32fce1ac6f

  • [ ] CVE-2017-16996 bpf: fix incorrect tracking of register size truncation https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=0c17d1d2c61936401f4702e1846e2c19b200f958

  • [ ] CVE-2017-2583 KVM: x86: fix emulation of "MOV SS, null selector" https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=33ab91103b3415e12457e3104f0e4517ce12d0f3

  • [ ] CVE-2017-2584 KVM: x86: Introduce segmented_write_std https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=129a72a0d3c8e139a04512325384fe5ac119e74d

  • [x] CVE-2017-5123 waitid(): Add missing access_ok() checks https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=96ca579a1ecc943b75beba58bebb0356f6cc4b51

  • [ ] CVE-2017-7472 KEYS: fix keyctl_set_reqkey_keyring() to not leak thread keyrings https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=c9f838d104fed6f2f61d68164712e3204bf5271b

  • [x] CVE-2017-7558 sctp: Avoid out-of-bounds reads from address storage https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=ee6c88bb754e3d363e568da78086adfedb692447

  • [ ] CVE-2017-7979 net sched actions: allocate act cookie early https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=e0535ce58b92d7baf0b33284a6c4f8f0338f943e

  • [x] CVE-2016-2117 atl2: Disable unimplemented scatter/gather feature https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=f43bfaeddc79effbf3d0fcb53ca477cca66f3db8

  • [x] CVE-2016-3713 KVM: MTRR: remove MSR 0x2f8 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=9842df62004f366b9fed2423e24df10542ee0dc5

  • [x] CVE-2016-5828 powerpc/tm: Always reclaim in start_thread() for exec() class syscalls https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=8e96a87c5431c256feb65bcfc5aec92d9f7839b6

  • [x] CVE-2016-6162 udp: prevent bugcheck if filter truncates packet too much https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=a612769774a30e4fc143c4cb6395c12573415660

  • [ ] CVE-2016-6480 aacraid: Check size values after double-fetch from user https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=fa00c437eef8dc2e7b25f8cd868cfa405fcc2bb3

  • [ ] CVE-2016-7039 net: add recursion limit to GRO https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=fcd91dd449867c6bfe56a81cabba76b829fd05cd

  • [x] CVE-2016-8399 net: ping: check minimum size on ICMP header length https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=0eab121ef8750a5c8637d51534d5e9143fb0633f

  • [ ] CVE-2016-8405 fbdev: color map copying bounds checking https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=2dc705a9930b4806250fbf5a76e55266e59389f2

  • [x] CVE-2016-8630 kvm: x86: Check memopp before dereference (CVE-2016-8630) https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=d9092f52d7e61dd1557f2db2400ddb430e85937e

  • [ ] CVE-2016-8632 tipc: check minimum bearer MTU https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=3de81b758853f0b29c61e246679d20b513c4cfec

  • [x] CVE-2016-8650 mpi: Fix NULL ptr dereference in mpi_powm() [ver #3] https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=f5527fffff3f002b0a6b376163613b82f69de073

  • [x] CVE-2016-9191 sysctl: Drop reference added by grab_header in proc_sys_readdir https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=93362fa47fe98b62e4a34ab408c4a418432e7939

  • [x] CVE-2015-1593 x86, mm/ASLR: Fix stack randomization on 64-bit systems https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=4e7c22d447bb6d7e37bfe39ff658486ae78e8d77

  • [x] CVE-2014-0049 kvm: x86: fix emulator buffer overflow (CVE-2014-0049) https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=a08d3b3b99efd509133946056531cdf8f3a0c09b

  • [x] CVE-2014-8480 KVM: x86: PREFETCH and HINT_NOP should have SrcMem flag https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=3f6f1480d86bf9fc16c160d803ab1d006e3058d5

  • [x] CVE-2014-8481 KVM: emulate: avoid accessing NULL ctxt->memopp https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=a430c9166312e1aa3d80bce32374233bdbfeba32

  • [x] CVE-2013-2930 perf/ftrace: Fix paranoid level for enabling function tracer https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=12ae030d54ef250706da5642fc7697cc60ad0df7

  • [ ] CVE-2013-6368 KVM: x86: Convert vapic synchronization to _cached functions (CVE-2013-6368) https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=fda4e2e85589191b123d31cdc21fd33ee70f50fd

evdenis, Jul 05 '21 14:07