Merge pull request #128 from dhwaniserai/advisories-20250430

dhwaniserai · web-flow · commit 3c7411acc58c · 2025-04-30T12:57:21.000-07:00
kernel 5.15: add advisories for kernel 5.15.180
diff --git a/advisories/2.3.2/BRSA-dmoahbepg1zg.toml b/advisories/2.3.2/BRSA-dmoahbepg1zg.toml
@@ -0,0 +1,17 @@
+[advisory]
+id = "BRSA-dmoahbepg1zg"
+title = "kernel CVE-2024-56664"
+cve = "CVE-2024-56664"
+severity = "moderate"
+description = "In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fix race between element replace and close()"
+
+[[advisory.products]]
+package-name = "kernel-5.15"
+patched-version = "5.15.180"
+patched-epoch = "0"
+
+[updateinfo]
+author = "dhwanise"
+issue-date = 2025-04-30T19:30:27Z
+arches = ["x86_64", "aarch64"]
+version = "2.3.2"
diff --git a/advisories/2.3.2/BRSA-dzb3rhinlx62.toml b/advisories/2.3.2/BRSA-dzb3rhinlx62.toml
@@ -0,0 +1,17 @@
+[advisory]
+id = "BRSA-dzb3rhinlx62"
+title = "kernel CVE-2024-26928"
+cve = "CVE-2024-26928"
+severity = "moderate"
+description = "In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in cifs_debug_files_proc_show()"
+
+[[advisory.products]]
+package-name = "kernel-5.15"
+patched-version = "5.15.180"
+patched-epoch = "0"
+
+[updateinfo]
+author = "dhwanise"
+issue-date = 2025-04-30T19:30:27Z
+arches = ["aarch64", "x86_64"]
+version = "2.3.2"
diff --git a/advisories/2.3.2/BRSA-e8gvjo9xlq7a.toml b/advisories/2.3.2/BRSA-e8gvjo9xlq7a.toml
@@ -0,0 +1,17 @@
+[advisory]
+id = "BRSA-e8gvjo9xlq7a"
+title = "kernel CVE-2022-49465"
+cve = "CVE-2022-49465"
+severity = "high"
+description = "In the Linux kernel, the following vulnerability has been resolved: blk-throttle: Set BIO_THROTTLED when bio has been throttled"
+
+[[advisory.products]]
+package-name = "kernel-5.15"
+patched-version = "5.15.180"
+patched-epoch = "0"
+
+[updateinfo]
+author = "dhwanise"
+issue-date = 2025-04-30T19:30:27Z
+arches = ["aarch64", "x86_64"]
+version = "2.3.2"
diff --git a/advisories/2.3.2/BRSA-jyaxylnddtmv.toml b/advisories/2.3.2/BRSA-jyaxylnddtmv.toml
@@ -0,0 +1,17 @@
+[advisory]
+id = "BRSA-jyaxylnddtmv"
+title = "kernel CVE-2025-21759"
+cve = "CVE-2025-21759"
+severity = "high"
+description = "In the Linux kernel, the following vulnerability has been resolved: ipv6: mcast: extend RCU protection in igmp6_send()"
+
+[[advisory.products]]
+package-name = "kernel-5.15"
+patched-version = "5.15.180"
+patched-epoch = "0"
+
+[updateinfo]
+author = "dhwanise"
+issue-date = 2025-04-30T19:30:27Z
+arches = ["x86_64", "aarch64"]
+version = "2.3.2"
diff --git a/advisories/2.3.2/BRSA-rchkviw47hkd.toml b/advisories/2.3.2/BRSA-rchkviw47hkd.toml
@@ -0,0 +1,17 @@
+[advisory]
+id = "BRSA-rchkviw47hkd"
+title = "kernel CVE-2022-49728"
+cve = "CVE-2022-49728"
+severity = "moderate"
+description = "In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix signed integer overflow in __ip6_append_data"
+
+[[advisory.products]]
+package-name = "kernel-5.15"
+patched-version = "5.15.180"
+patched-epoch = "0"
+
+[updateinfo]
+author = "dhwanise"
+issue-date = 2025-04-30T19:30:27Z
+arches = ["x86_64", "aarch64"]
+version = "2.3.2"
diff --git a/advisories/2.3.2/BRSA-rcixpxtubo64.toml b/advisories/2.3.2/BRSA-rcixpxtubo64.toml
@@ -0,0 +1,17 @@
+[advisory]
+id = "BRSA-rcixpxtubo64"
+title = "kernel CVE-2022-49636"
+cve = "CVE-2022-49636"
+severity = "moderate"
+description = "In the Linux kernel, the following vulnerability has been resolved: vlan: fix memory leak in vlan_newlink()"
+
+[[advisory.products]]
+package-name = "kernel-5.15"
+patched-version = "5.15.180"
+patched-epoch = "0"
+
+[updateinfo]
+author = "dhwanise"
+issue-date = 2025-04-30T19:30:27Z
+arches = ["aarch64", "x86_64"]
+version = "2.3.2"
diff --git a/advisories/2.3.2/BRSA-tfz8ohcqscim.toml b/advisories/2.3.2/BRSA-tfz8ohcqscim.toml
@@ -0,0 +1,17 @@
+[advisory]
+id = "BRSA-tfz8ohcqscim"
+title = "kernel CVE-2024-46753"
+cve = "CVE-2024-46753"
+severity = "moderate"
+description = "In the Linux kernel, the following vulnerability has been resolved: btrfs: handle errors from btrfs_dec_ref() properly"
+
+[[advisory.products]]
+package-name = "kernel-5.15"
+patched-version = "5.15.180"
+patched-epoch = "0"
+
+[updateinfo]
+author = "dhwanise"
+issue-date = 2025-04-30T19:30:27Z
+arches = ["x86_64", "aarch64"]
+version = "2.3.2"
diff --git a/advisories/2.3.2/BRSA-viep7smaqxln.toml b/advisories/2.3.2/BRSA-viep7smaqxln.toml
@@ -0,0 +1,17 @@
+[advisory]
+id = "BRSA-viep7smaqxln"
+title = "kernel CVE-2024-47745"
+cve = "CVE-2024-47745"
+severity = "high"
+description = "In the Linux kernel, the following vulnerability has been resolved: mm: call the security_mmap_file() LSM hook in remap_file_pages()"
+
+[[advisory.products]]
+package-name = "kernel-5.15"
+patched-version = "5.15.180"
+patched-epoch = "0"
+
+[updateinfo]
+author = "dhwanise"
+issue-date = 2025-04-30T19:30:27Z
+arches = ["x86_64", "aarch64"]
+version = "2.3.2"
diff --git a/advisories/2.3.2/BRSA-xd4nhfcclpnu.toml b/advisories/2.3.2/BRSA-xd4nhfcclpnu.toml
@@ -0,0 +1,17 @@
+[advisory]
+id = "BRSA-xd4nhfcclpnu"
+title = "kernel CVE-2025-21999"
+cve = "CVE-2025-21999"
+severity = "high"
+description = "In the Linux kernel, the following vulnerability has been resolved: proc: fix UAF in proc_get_inode()"
+
+[[advisory.products]]
+package-name = "kernel-5.15"
+patched-version = "5.15.180"
+patched-epoch = "0"
+
+[updateinfo]
+author = "dhwanise"
+issue-date = 2025-04-30T19:30:27Z
+arches = ["x86_64", "aarch64"]
+version = "2.3.2"
