Merge pull request #139 from vyaghras/backfil_kernels_advisories

vyaghras · web-flow · commit 6add8b88ecb6 · 2024-09-11T11:04:41.000-07:00
Kernel advisories for 2.4.0
diff --git a/advisories/2.4.0/BRSA-1pmwbq0axn1v.toml b/advisories/2.4.0/BRSA-1pmwbq0axn1v.toml
@@ -0,0 +1,24 @@
+[advisory]
+id = "BRSA-1pmwbq0axn1v"
+title = "kernel CVE-2024-43870"
+cve = "CVE-2024-43870"
+severity = "moderate"
+description = "In the Linux kernel, the following vulnerability has been resolved: perf: Fix event leak upon exit"
+
+[[advisory.products]]
+package-name = "kernel-6.1"
+patched-version = "kernel-6.1.106-116.188.amzn2023"
+patched-release = "0"
+patched-epoch = "0"
+
+[[advisory.products]]
+package-name = "kernel-5.15"
+patched-version = "kernel-5.15.165-110.161.amzn2"
+patched-release = "0"
+patched-epoch = "0"
+
+[updateinfo]
+author = "vyaghras"
+issue-date = 2024-09-05T19:08:38Z
+arches = ["x86_64", "aarch64"]
+version = "2.4.0"
diff --git a/advisories/2.4.0/BRSA-2yike4lvuqs8.toml b/advisories/2.4.0/BRSA-2yike4lvuqs8.toml
@@ -0,0 +1,24 @@
+[advisory]
+id = "BRSA-2yike4lvuqs8"
+title = "kernel CVE-2024-43873"
+cve = "CVE-2024-43873"
+severity = "moderate"
+description = "In the Linux kernel, the following vulnerability has been resolved: vhost/vsock: always initialize seqpacket_allow"
+
+[[advisory.products]]
+package-name = "kernel-6.1"
+patched-version = "kernel-6.1.106-116.188.amzn2023"
+patched-release = "0"
+patched-epoch = "0"
+
+[[advisory.products]]
+package-name = "kernel-5.15"
+patched-version = "kernel-5.15.165-110.161.amzn2"
+patched-release = "0"
+patched-epoch = "0"
+
+[updateinfo]
+author = "vyaghras"
+issue-date = 2024-09-05T19:08:38Z
+arches = ["x86_64", "aarch64"]
+version = "2.4.0"
diff --git a/advisories/2.4.0/BRSA-ccd9v5jgy17j.toml b/advisories/2.4.0/BRSA-ccd9v5jgy17j.toml
@@ -0,0 +1,24 @@
+[advisory]
+id = "BRSA-ccd9v5jgy17j"
+title = "kernel CVE-2024-27397"
+cve = "CVE-2024-27397"
+severity = "moderate"
+description = "In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: use timestamp to check for set element timeout"
+
+[[advisory.products]]
+package-name = "kernel-5.10"
+patched-version = "kernel-5.10.224-212.876.amzn2"
+patched-release = "0"
+patched-epoch = "0"
+
+[[advisory.products]]
+package-name = "kernel-5.15"
+patched-version = "kernel-5.15.165-110.161.amzn2"
+patched-release = "0"
+patched-epoch = "0"
+
+[updateinfo]
+author = "vyaghras"
+issue-date = 2024-09-05T19:08:38Z
+arches = ["x86_64", "aarch64"]
+version = "2.4.0"
diff --git a/advisories/2.4.0/BRSA-cxorjjnipihb.toml b/advisories/2.4.0/BRSA-cxorjjnipihb.toml
@@ -0,0 +1,30 @@
+[advisory]
+id = "BRSA-cxorjjnipihb"
+title = "kernel CVE-2024-42259"
+cve = "CVE-2024-42259"
+severity = "moderate"
+description = "In the Linux kernel, the following vulnerability has been resolved: drm/i915/gem: Fix Virtual Memory mapping boundaries calculation"
+
+[[advisory.products]]
+package-name = "kernel-5.10"
+patched-version = "kernel-5.10.224-212.876.amzn2"
+patched-release = "0"
+patched-epoch = "0"
+
+[[advisory.products]]
+package-name = "kernel-6.1"
+patched-version = "kernel-6.1.106-116.188.amzn2023"
+patched-release = "0"
+patched-epoch = "0"
+
+[[advisory.products]]
+package-name = "kernel-5.15"
+patched-version = "kernel-5.15.165-110.161.amzn2"
+patched-release = "0"
+patched-epoch = "0"
+
+[updateinfo]
+author = "vyaghras"
+issue-date = 2024-09-05T19:08:38Z
+arches = ["x86_64", "aarch64"]
+version = "2.4.0"
diff --git a/advisories/2.4.0/BRSA-ewhkjl8vteg4.toml b/advisories/2.4.0/BRSA-ewhkjl8vteg4.toml
@@ -0,0 +1,18 @@
+[advisory]
+id = "BRSA-ewhkjl8vteg4"
+title = "kernel CVE-2024-43880"
+cve = "CVE-2024-43880"
+severity = "moderate"
+description = "In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum_acl_erp: Fix object nesting warning"
+
+[[advisory.products]]
+package-name = "kernel-5.10"
+patched-version = "kernel-5.10.224-212.876.amzn2"
+patched-release = "0"
+patched-epoch = "0"
+
+[updateinfo]
+author = "vyaghras"
+issue-date = 2024-09-05T19:08:38Z
+arches = ["x86_64", "aarch64"]
+version = "2.4.0"
diff --git a/advisories/2.4.0/BRSA-i8umxk92lrqy.toml b/advisories/2.4.0/BRSA-i8umxk92lrqy.toml
@@ -0,0 +1,18 @@
+[advisory]
+id = "BRSA-i8umxk92lrqy"
+title = "kernel CVE-2024-42258"
+cve = "CVE-2024-42258"
+severity = "moderate"
+description = "In the Linux kernel, the following vulnerability has been resolved: mm: huge_memory: use !CONFIG_64BIT to relax huge page alignment on 32 bit machines"
+
+[[advisory.products]]
+package-name = "kernel-6.1"
+patched-version = "kernel-6.1.106-116.188.amzn2023"
+patched-release = "0"
+patched-epoch = "0"
+
+[updateinfo]
+author = "vyaghras"
+issue-date = 2024-09-05T19:08:38Z
+arches = ["x86_64", "aarch64"]
+version = "2.4.0"
diff --git a/advisories/2.4.0/BRSA-kkuswt3ic8ey.toml b/advisories/2.4.0/BRSA-kkuswt3ic8ey.toml
@@ -0,0 +1,18 @@
+[advisory]
+id = "BRSA-kkuswt3ic8ey"
+title = "kernel CVE-2024-26585"
+cve = "CVE-2024-26585"
+severity = "moderate"
+description = "In the Linux kernel, the following vulnerability has been resolved: tls: fix race between tx work scheduling and socket close."
+
+[[advisory.products]]
+package-name = "kernel-5.15"
+patched-version = "kernel-5.15.165-110.161.amzn2"
+patched-release = "0"
+patched-epoch = "0"
+
+[updateinfo]
+author = "vyaghras"
+issue-date = 2024-09-05T19:08:38Z
+arches = ["x86_64", "aarch64"]
+version = "2.4.0"
diff --git a/advisories/2.4.0/BRSA-lidw5b35uk8v.toml b/advisories/2.4.0/BRSA-lidw5b35uk8v.toml
@@ -0,0 +1,24 @@
+[advisory]
+id = "BRSA-lidw5b35uk8v"
+title = "kernel CVE-2024-43869"
+cve = "CVE-2024-43869"
+severity = "moderate"
+description = "In the Linux kernel, the following vulnerability has been resolved: perf: Fix event leak upon exec and file release"
+
+[[advisory.products]]
+package-name = "kernel-6.1"
+patched-version = "kernel-6.1.106-116.188.amzn2023"
+patched-release = "0"
+patched-epoch = "0"
+
+[[advisory.products]]
+package-name = "kernel-5.15"
+patched-version = "kernel-5.15.165-110.161.amzn2"
+patched-release = "0"
+patched-epoch = "0"
+
+[updateinfo]
+author = "vyaghras"
+issue-date = 2024-09-05T19:08:38Z
+arches = ["x86_64", "aarch64"]
+version = "2.4.0"
diff --git a/advisories/2.4.0/BRSA-lifldjpfhpde.toml b/advisories/2.4.0/BRSA-lifldjpfhpde.toml
@@ -0,0 +1,30 @@
+[advisory]
+id = "BRSA-lifldjpfhpde"
+title = "kernel CVE-2024-43871"
+cve = "CVE-2024-43871"
+severity = "moderate"
+description = "In the Linux kernel, the following vulnerability has been resolved: devres: Fix memory leakage caused by driver API devm_free_percpu()"
+
+[[advisory.products]]
+package-name = "kernel-5.10"
+patched-version = "kernel-5.10.224-212.876.amzn2"
+patched-release = "0"
+patched-epoch = "0"
+
+[[advisory.products]]
+package-name = "kernel-6.1"
+patched-version = "kernel-6.1.106-116.188.amzn2023"
+patched-release = "0"
+patched-epoch = "0"
+
+[[advisory.products]]
+package-name = "kernel-5.15"
+patched-version = "kernel-5.15.165-110.161.amzn2"
+patched-release = "0"
+patched-epoch = "0"
+
+[updateinfo]
+author = "vyaghras"
+issue-date = 2024-09-05T19:08:38Z
+arches = ["x86_64", "aarch64"]
+version = "2.4.0"
