{
"Definition": [
{
"ID": "oval:org.altlinux.errata:def:20249975",
"Version": "oval:org.altlinux.errata:def:20249975",
"Class": "patch",
"Metadata": {
"Title": "ALT-PU-2024-9975: package `kernel-image-std-def` update to version 5.10.221-alt0.c9f.2",
"AffectedList": [
{
"Family": "unix",
"Platforms": [
"ALT Linux branch c9f2"
],
"Products": [
"ALT SPWorkstation",
"ALT SPServer"
]
}
],
"References": [
{
"RefID": "ALT-PU-2024-9975",
"RefURL": "https://errata.altlinux.org/ALT-PU-2024-9975",
"Source": "ALTPU"
},
{
"RefID": "CVE-2024-39482",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-39482",
"Source": "CVE"
},
{
"RefID": "CVE-2024-39484",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-39484",
"Source": "CVE"
}
],
"Description": "This update upgrades kernel-image-std-def to version 5.10.221-alt0.c9f.2. \nSecurity Fix(es):\n\n * CVE-2024-39482: In the Linux kernel, the following vulnerability has been resolved:\n\nbcache: fix variable length array abuse in btree_iter\n\nbtree_iter is used in two ways: either allocated on the stack with a\nfixed size MAX_BSETS, or from a mempool with a dynamic size based on the\nspecific cache set. Previously, the struct had a fixed-length array of\nsize MAX_BSETS which was indexed out-of-bounds for the dynamically-sized\niterators, which causes UBSAN to complain.\n\nThis patch uses the same approach as in bcachefs's sort_iter and splits\nthe iterator into a btree_iter with a flexible array member and a\nbtree_iter_stack which embeds a btree_iter as well as a fixed-length\ndata array.\n\n * CVE-2024-39484: In the Linux kernel, the following vulnerability has been resolved:\n\nmmc: davinci: Don't strip remove function when driver is builtin\n\nUsing __exit for the remove function results in the remove callback being\ndiscarded with CONFIG_MMC_DAVINCI=y. When such a device gets unbound (e.g.\nusing sysfs or hotplug), the driver is just removed without the cleanup\nbeing performed. This results in resource leaks. Fix it by compiling in the\nremove callback unconditionally.\n\nThis also fixes a W=1 modpost warning:\n\nWARNING: modpost: drivers/mmc/host/davinci_mmc: section mismatch in\nreference: davinci_mmcsd_driver+0x10 (section: .data) -\u003e\ndavinci_mmcsd_remove (section: .exit.text)",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "Low",
"Rights": "Copyright 2024 BaseALT Ltd.",
"Issued": {
"Date": "2024-07-15"
},
"Updated": {
"Date": "2024-07-15"
},
"BDUs": null,
"CVEs": [
{
"ID": "CVE-2024-39482",
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"CWE": "CWE-770",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-39482",
"Impact": "Low",
"Public": "20240705"
},
{
"ID": "CVE-2024-39484",
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"CWE": "CWE-770",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-39484",
"Impact": "Low",
"Public": "20240705"
}
],
"AffectedCPEs": {
"CPEs": [
"cpe:/o:alt:spworkstation:8.4",
"cpe:/o:alt:spserver:8.4"
]
}
}
},
"Criteria": {
"Operator": "AND",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:3001",
"Comment": "ALT Linux must be installed"
}
],
"Criterias": [
{
"Operator": "OR",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:20249975001",
"Comment": "kernel-doc-std is earlier than 2:5.10.221-alt0.c9f.2"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249975002",
"Comment": "kernel-headers-modules-std-def is earlier than 2:5.10.221-alt0.c9f.2"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249975003",
"Comment": "kernel-headers-std-def is earlier than 2:5.10.221-alt0.c9f.2"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249975004",
"Comment": "kernel-image-domU-std-def is earlier than 2:5.10.221-alt0.c9f.2"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249975005",
"Comment": "kernel-image-std-def is earlier than 2:5.10.221-alt0.c9f.2"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249975006",
"Comment": "kernel-modules-drm-ancient-std-def is earlier than 2:5.10.221-alt0.c9f.2"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249975007",
"Comment": "kernel-modules-drm-nouveau-std-def is earlier than 2:5.10.221-alt0.c9f.2"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249975008",
"Comment": "kernel-modules-drm-std-def is earlier than 2:5.10.221-alt0.c9f.2"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249975009",
"Comment": "kernel-modules-ide-std-def is earlier than 2:5.10.221-alt0.c9f.2"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249975010",
"Comment": "kernel-modules-midgard-be-m1000-std-def is earlier than 2:5.10.221-alt0.c9f.2"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249975011",
"Comment": "kernel-modules-staging-std-def is earlier than 2:5.10.221-alt0.c9f.2"
}
]
}
]
}
}
]
} |