From 503d95698d49afe80075bdb21b9aff3f93edde43 Mon Sep 17 00:00:00 2001 From: Github-Bot Date: Wed, 6 Mar 2024 21:19:56 +0000 Subject: [PATCH] Updated by Github Bot --- cache/Tenable (Nessus).dat | 10 +++ data/cves.db | Bin 46436352 -> 46448640 bytes docs/index.html | 162 ++++++++++++++++++------------------- 3 files changed, 91 insertions(+), 81 deletions(-) diff --git a/cache/Tenable (Nessus).dat b/cache/Tenable (Nessus).dat index 386e1593d1d..6830ea151b4 100644 --- a/cache/Tenable (Nessus).dat +++ b/cache/Tenable (Nessus).dat @@ -153,3 +153,13 @@ e705e2061906416d27b57c3e4074b308 2446b3bb481e971a6e8caae83c710a33 f4da2c7f26d24bae12b910f0f5709b9f cfaced957e458a6bb6cf534426fd3853 +ea95d9e88f5b6c26b5612f223c42e3a5 +32d3e67523dbc15d53169a3b8d269771 +b0b6a6db92fc5e1333838f83f64c2267 +b39740862ccc3bf6f4f7d8847c144361 +ac0977b2e9226fa2617a7cdbd31a1eaf +a12e6709f2372fba2bedeb76e6ee98f1 +1bde3a0016dbe1bffed80582b4a87f29 +881f070e95c767cf158ee51c5fb3fecc +fa72333eeec3853c565bbd783727f727 +98af55805385d19566f4abc70c0dd3e6 diff --git a/data/cves.db b/data/cves.db index 34c3a62cc7d813c0a828667f5fd69a9875ad8582..9e13538b3bac347f6ca9023bd2049d231e4e9327 100644 GIT binary patch delta 9261 zcmeI$dwdkt*#~fDfP^~<2?+s#0aOH&C41im0Rg#0xdZ|#7vY(mnN5alb~ZD+x!@(i z@Cb;CAi5&zfEw?jsEDXsyi~2W-mtALwMwzx+G_DyYpeauZbZw+_x)(wKiJkz>$V^M4C6-Ad1>bkj8r_z}lq=~}jmBb`4iAc-Ta zsRvU}rd~|FnffsGWy)j9XX?jPz*NZ8pQ(tcm}vl03DZEPK}^Rn4Q3j`G?YnV8pbr7 zX#~^pOeZj%$TX7aB&JbJqnS=-DrG8TaxslzDra&td6>LRJ|;g?fGNlnVhS^jWg5qH z3e$L|2}~22PGy?JG?{4%(`igonWiyKXPUuO!E`#)8B8;oW--lXn!{AdG?!@}Qx(&E zrUguAGM&YAHq%0;MNEsCmN1>ew3KNX6Xr)|iZCfmDwD<(WvXVXVbYnFGu1N1nCh6~ zOa@besh-JXvY3)gDW(RdMy4jFW~LQP=Q5qgbUxDsOf5{UOe>i#WNKqt#l%b(F|B4= z!?c#^Vy1OWmoQz*bQ#lnrpuW&Fl}VIf@u@el}uMLrJ1f~+RStf(-x*{nXY5Hp2=p~ z%CwE?2BsUCZenU@x|!(~rdyeAW4fK`4yHSq?qb@`bT`vIOgotFWx9{)ex{vF4>0Xw zdXQ;1(?d)TGd;qzhiNaR^f=QKOh00JlIba?rKJiz3OF6kfSE80X2Tq)gt;&es$f1WfHUDNI2#tiB3KMd z;2c;A%fOj`86u#73K~SA8frj?>h3fKf!!c~xlt6?)-16$x)xDKud z8@9qWxB+g2o1h(ThFjoPxD9THJK#>Z3%0}Ea1ZQ&d*ME~A9lh6unQi9-S7}R43EGb z*bDn$KRgPL!Q=1*{0N?er{HP$F+2m$!cX9*@Ekl3FTjiN5*&b+;b-u3_yxQIzl2}G zLHISi3crEZ;B`0zzlFo_2K)}*gty>rcn98v-@_l^kMJJ64}XFq@Bw@XAHm1)3498F zhR@(H@HzYy{sv#bm%>^SvHd}W&d>$ALJs6YH|P#MpeOW#-p~j7LLTHpKPZ4g=nq9u z3$gW)g&j)xQAL>LJt!6+CFCqpTefeXe!Ik>?CUhsh*0uY1{ zgkdaiY#1!=e%Hp4Zr z1+Inb;CirOD{O-s;6}I!+Tmun1#X4g;C8qJ?u5HwJKPQTzz(<$}9sozt_G#W}nBNvcOEC_RJQ`{B3KxxFv`so?fr>o>o#OT^(p z=djy3Jmef6b`Fm?hds_=uXEVv9QHehN1elC;=avqJTBI5>0HpsZRfT=A&&5g6`kDZ zd{qHj?lG%uWZPhG+u&thkLuL|LBGeVMijSS^?TicusQZOdJz$zi`5)QP)JecM&v7@H8-cgCtG#GO5R z_r?@<7Q{|H-|gxX()n9o{J3mQ86FviJ!-YzyV@_yN_jXKjCi!L#}kOkn4_Q^RMd#- zb<1uoeW<#kBET$~2oWV!G1ol4jtq4VqahC2KT^bZd^OSL^Xf&e@AJ zm86uVSrS=EQ;%0$t{Jjbm5N67CX$kdq||6iZRSEFb5&`_5Mr9FTFwcP=7elnQiCpI z=yfuB)QyydF{O7r`9w*&<)VXq7DP-KqIo^yLt=61o>*QKZ zGPU}YW+ib-TpeSW_&>&oTai>bDcgO=4G;(Rk>cAy75h&D6MIk~EEYStO;$RBWBhzO#&2D(Nf*te=Fe)H+Ma*@u~vusX2{)n+M* zg{11vYL8^kp4!n^sZ?niNnAc#PU=`>aw3sAxlUH*RFz6+>2Wm=8#mMBOg)}za!HfY zE1#ZM*kZ(E&5|6AVo;WZvHio)5~hwGF(i-A<@UNf&h~WLLQ~ltIlHQ&3V*bc*a)~4 zXXT?4$!fNeTAifeug=v*LW@gEo$At>w9IasT{X2yQ=HcPnSJewTQ&5Jb}Yrz6G@lU zabBcZQnjd@iX|mWlTD?@&fmUU7?56C^X!0On7){y$Vmi`h=vK$I?i!+B~?zEKf|t{ zbul9BjAuPU-|mVWml82q(QJ8Wkuabzsv}Uv5$DvS1Ju(i*WW*UK=uZ|zPCmlH)E#a z_My^2LP5Uk=;rO18+%w$KrFDYAG1s>NLSwXOt+9UA2CZYR87KtE2*S2HOWjoI@)Sk z3?U)*)xe#(z>~8ly}eN=Y{|@Fsbm?>C8jpglH!Kch_Hzn&4xBTD(Oiyjul}!lZp77 zGEFU>{CX-~o^sEz5#_tBz{tOU3I4DG|D#smxPM^r+7T+xw)T|__M*%m#A*a#>Yy-N>-a%)!dnq zY9hj!nNXHAj94wUfD;#|8!mh9=q17cd+51>Fwl=Egb;w;jrXvLT*H(ih+I;gW?3EY zX{|}ou6g_*h_jdnsp!ZeT`)j2n2Y6$!d=n4HdAjXCeW1XXT}OnXd{bMF(Cp+ncvHj^siaL+YlY&Lf9m$WEgF2kDVCfkpvRZn3o+Gs{}og1 z{@znpQ5c{X^`DjWXd+GDf3*Cf-y>j44vDj|yV~IsM*{khgw=EG) zIJRI4+S|~D_HXQBc$zkUIwBJgJfYAk1cZFt`pC9H-nK!@+!0mt%H`#51O?3QG44fr9!sI5`)O4-me~NmmFvjhx|jil+OQb$H?@e&v*E~y#@?@hYP>1 zwQ|bVR&#rv^K{l2-Zh3SyFDmS%fnHRH|U8*WKTp>wMa0a1vD)jN^d)-vBaBwI^plL zq3o5**NcU@*_~h75x?Y$h&agJ+j*_nuXJoC*u;@89?gLCIw!0kh$Icgh&fRNPhA}+ z$#%(``@|WY$4N>1^~3u_V*&o=q>u(mvrG}DIh9(297AD(_+%xWc;&2}GL&t|`;fw^ zu1wPMzeT9DJ7;4-dg-e>^INQAhT>$W2C|f7HpOy^D&(3dsB{xC40&cpf+lBwuQ8nb z_n(hRIoY`XA3cYY{^dDL58G68QooM1=Y$(k*xxDVG+|f%{@pu;vNbK-UYJ?Ox!yIo zayTSM{eJ8&Z^*B@!~OtD6*-~=%aw9f^`_^>HkH`-^xi9WInM2NSJkI`MvR4$vUfb(Tj-yjz5Q^H&XH7g`q2D!L+#c(Hi`XgLlHW{IrIHqR+ES%V2eYy-cH6$=MscJNvY*1g^>+KrMZ(BY z$7I04|0g$gd|Ha$KEi(CgFRxGF?e2A1i8JydDa^zdN)p#qjJ!Lt1y9?n_yhh( zL=A=z!4OsR54+Zj5Ez4hy`Ibtn_<*x(xg-ppK3BC zYPPzwhZPPNi@T$~@VeX{S2(i_dOPKY%j5Fk;i$TOrWYi3nGYgITa`}2d38=0i|NR?Itr)kIGn#`$7We5fn+D~ zQq?jeJ_=cw*?=IIid%AAPa=EsVdde&OZGbzO+mav&t>zQ6B;6{)|4DmldOx4!_tyX zOG}PlFn?NEi0mT=77D{{T02h6OTX_o3WqseYE38_lO`%obc3Ezbt{HZtE0aL-F|-E z2C*ppMfI2Y>B@tj=GpHZZa`JI^~5D&kMz>*2m08rkDegp+Vk4l#9}dJ*(GCaV4^QSZQ|6PEmCzJDiW(4kWTtjS*4b$4NezJ; zg(ALlRbz7{YwSba$D-&RQgOPFGoe9Ol6qY>H>2%`J?{>}u9>2H= zU&Wl(&mreK!Q2X~#C~aKtI*GW;qdWdH~YZLuVQg(s}e7iua5v@j!MV)6V zqb|p2)XXcU)UKcSzA!XBXW=IU(w(1E``NE;Ss~_3h{muW(3e@)D5G>oBY4;tnDg4g zDzRKr1?pNA6Vvf=Bw3>)e_T7!&jf<>`AvjE*6Z89`k@Y-hJOF r-7~8-T|a8$2z&eIyTzQ|-~4R+!>;&YS7g6t|JUw{%nRnLm&D%z@|f9* delta 2667 zcmWmGRdW>v6h&cj6Wjv?hv4q+uEE{exVw9h4Fn5r!QCB#2dD0C(3Z9oY4HkBy6(fb ze!!kNGbcKFMMU(LCyq^&sCbiQk+ni%XUYn(0#>LMW+k?gSV^s9R&pzamC{OO zrMA*oX{~ftdMn(@U}dy2SrJxdD~pxY%4TJ^a#%U7Tvl!?(#m7ywenf{tpZj-tB_UL zDq`p8lvUa)W0keaS>>$?Rz<6lRoSXyRkf;F)vX#tAo|i>ST4cx>#MUZdP}zht<Sy)023P~FLDpbvh&9w2W(~JSSR<`b)@W;tHP#wujkhLP6Rkpk&DIuctF_JAZtbvkTDz>>)*frGwa?mb9k32shpfZa5$mXR%sOtJ zuufX1ta$6Rb;detowLqc7p#j`f_2HdY+bRgTGy=W)(z{X^_KOv^^Wzf^`7;<^?~)F z^^x_l^@;VV^_lg#^@a7N^_BIt^^Ntd^_}&-^@DZGx^4Yv{bc=Y-LZbLezktH?pnWF z_pJNY1M8vnhxMoR$a-u&v7TDbtmoDX>o4nX>mTc1>!tO|dTsq@y@^rCVuc`pP=p~d zk{~IPAvsbYB~l?Z(jYC;Aw9y80U41A5y*@z$ck*pjvUB|T*!?`t^ z6hToGLvfTqNt8lqltEdPLwQs{MN~p%R6$i#Lv_?ZP1Hhd)InX;Lwz(rLo`BTG(l5D zp&6Q^1zMsNTB8lxq8-|!13ID;I-?7^q8qxS2YMp7e=qb#AM`~(^v3`U#2^gD5DdjI z495tJ#3+o$7>va@jK>5_#3W3{6imf5OvemFV)aV-40~9o8cb8?X_Zuo+vh72B{KJFpYGup4`@7yGau2XGLFa2Q8$6vuEJ zCvXy{5RcP1gR?k?^SFSENWdjr#uZ$}HC)FH+{9aW8}Hy_!ytyQ+$Tc z@ddubSNIy=;9Go$@9_g};WmE6Pxu*k@C$y$Z@7!!aS!+L01xp8{=_3Z#uGfnGd#x& z{Dr^q5B|kVyuxezhc_WH3UK}iAQWLpj3h{kWJrz_NQqQPjWkG$bV!eIWI#q_LIg4+ z3$h{`vLgp_A{TNa5_ymp`H&w4P!NSs7)4MN#ZVk2P!gq38f8!x_wl!>BqTsWakm`1Ppl)b< z_@g$>Lt^9Z#0SXfV9o?{Hkfn4oDb$gFc*VK2 + @@ -283,6 +283,86 @@

眈眈探求 | TITLE URL + + ea95d9e88f5b6c26b5612f223c42e3a5 + CVE-2024-2176 + 2024-03-06 19:15:09 + Use after free in FedCM in Google Chrome prior to 122.0.6261.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) + 详情 + + + + 32d3e67523dbc15d53169a3b8d269771 + CVE-2024-2174 + 2024-03-06 19:15:09 + Inappropriate implementation in V8 in Google Chrome prior to 122.0.6261.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) + 详情 + + + + b0b6a6db92fc5e1333838f83f64c2267 + CVE-2024-27304 + 2024-03-06 19:15:08 + pgx is a PostgreSQL driver and toolkit for Go. SQL injection can occur if an attacker can cause a single query or bind message to exceed 4 GB in size. An integer overflow in the calculated message size can cause the one large message to be sent as multiple messages under the attacker's control. The problem is resolved in v4.18.2 and v5.5.4. As a workaround, reject user input large enough to cause a single query or bind message to exceed 4 GB in size. + 详情 + + + + b39740862ccc3bf6f4f7d8847c144361 + CVE-2024-27303 + 2024-03-06 19:15:08 + electron-builder is a solution to package and build a ready for distribution Electron, Proton Native app for macOS, Windows and Linux. A vulnerability that only affects eletron-builder prior to 24.13.2 in Windows, the NSIS installer makes a system call to open cmd.exe via NSExec in the `.nsh` installer script. NSExec by default searches the current directory of where the installer is located before searching `PATH`. This means that if an attacker can place a malicious executable file named cmd.exe in the same folder as the installer, the installer will run the malicious file. Version 24.13.2 fixes this issue. No known workaround exists. The code executes at the installer-level before the app is present on the system, so there's no way to check if it exists in a current installer. + 详情 + + + + ac0977b2e9226fa2617a7cdbd31a1eaf + CVE-2024-27302 + 2024-03-06 19:15:08 + go-zero is a web and rpc framework. Go-zero allows user to specify a CORS Filter with a configurable allows param - which is an array of domains allowed in CORS policy. However, the `isOriginAllowed` uses `strings.HasSuffix` to check the origin, which leads to bypass via a malicious domain. This vulnerability is capable of breaking CORS policy and thus allowing any page to make requests and/or retrieve data on behalf of other users. Version 1.4.4 fixes this issue. + 详情 + + + + a12e6709f2372fba2bedeb76e6ee98f1 + CVE-2024-27289 + 2024-03-06 19:15:08 + pgx is a PostgreSQL driver and toolkit for Go. Prior to version 4.18.2, SQL injection can occur when all of the following conditions are met: the non-default simple protocol is used; a placeholder for a numeric value must be immediately preceded by a minus; there must be a second placeholder for a string value after the first placeholder; both must be on the same line; and both parameter values must be user-controlled. The problem is resolved in v4.18.2. As a workaround, do not use the simple protocol or do not place a minus directly before a placeholder. + 详情 + + + + 1bde3a0016dbe1bffed80582b4a87f29 + CVE-2024-2173 + 2024-03-06 19:15:08 + Out of bounds memory access in V8 in Google Chrome prior to 122.0.6261.111 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High) + 详情 + + + + 881f070e95c767cf158ee51c5fb3fecc + CVE-2024-27288 + 2024-03-06 19:15:07 + 1Panel is an open source Linux server operation and maintenance management panel. Prior to version 1.10.1-lts, users can use Burp to obtain unauthorized access to the console page. The vulnerability has been fixed in v1.10.1-lts. There are no known workarounds. + 详情 + + + + fa72333eeec3853c565bbd783727f727 + CVE-2024-27287 + 2024-03-06 19:15:07 + ESPHome is a system to control your ESP8266/ESP32 for Home Automation systems. Starting in version 2023.12.9 and prior to version 2024.2.2, editing the configuration file API in dashboard component of ESPHome version 2023.12.9 (command line installation and Home Assistant add-on) serves unsanitized data with `Content-Type: text/html; charset=UTF-8`, allowing a remote authenticated user to inject arbitrary web script and exfiltrate session cookies via Cross-Site scripting. It is possible for a malicious authenticated user to inject arbitrary Javascript in configuration files using a POST request to the /edit endpoint, the configuration parameter allows to specify the file to write. To trigger the XSS vulnerability, the victim must visit the page` /edit?configuration=[xss file]`. Abusing this vulnerability a malicious actor could perform operations on the dashboard on the behalf of a logged user, access sensitive information, create, edit and delete configuration files and flash firmware on managed boards. In addition to this, cookies are not correctly secured, allowing the exfiltration of session cookie values. Version 2024.2.2 contains a patch for this issue. + 详情 + + + + 98af55805385d19566f4abc70c0dd3e6 + CVE-2024-25111 + 2024-03-06 19:15:07 + Squid is a web proxy cache. Starting in version 3.5.27 and prior to version 6.8, Squid may be vulnerable to a Denial of Service attack against HTTP Chunked decoder due to an uncontrolled recursion bug. This problem allows a remote attacker to cause Denial of Service when sending a crafted, chunked, encoded HTTP Message. This bug is fixed in Squid version 6.8. In addition, patches addressing this problem for the stable releases can be found in Squid's patch archives. There is no workaround for this issue. + 详情 + + 76fe749e528b0e0ba03347d2879ef0d0 CVE-2024-25858 @@ -443,86 +523,6 @@

眈眈探求 | 详情 - - 1d25dc9028a2fb002cee371183e64d48 - CVE-2024-2168 - 2024-03-04 21:15:07 - A vulnerability was found in SourceCodester Online Tours & Travels Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /admin/operations/expense_category.php of the component HTTP POST Request Handler. The manipulation of the argument status leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-255678 is the identifier assigned to this vulnerability. - 详情 - - - - d9562e267e1dc49a83468ecca80b53ab - CVE-2024-1319 - 2024-03-04 21:15:07 - The Events Tickets Plus WordPress plugin before 5.9.1 does not prevent users with at least the contributor role from leaking the attendees list on any post type regardless of status. (e.g. draft, private, pending review, password-protected, and trashed posts). - 详情 - - - - 2c3d89d53a7c97a25463dccbc6237918 - CVE-2024-1316 - 2024-03-04 21:15:07 - The Event Tickets and Registration WordPress plugin before 5.8.1, Events Tickets Plus WordPress plugin before 5.9.1 does not prevent users with at least the contributor role from leaking the existence of certain events they shouldn't have access to. (e.g. draft, private, pending review, pw-protected, and trashed events). - 详情 - - - - 96e31c0c4bf945562ebf093e6dd9367a - CVE-2024-27889 - 2024-03-04 20:15:50 - Multiple SQL Injection vulnerabilities exist in the reporting application of the Arista Edge Threat Management - Arista NG Firewall (NGFW). A user with advanced report application access rights can exploit the SQL injection, allowing them to execute commands on the underlying operating system with elevated privileges. - 详情 - - - - fec974cbd701fc29682a21f3f394364a - CVE-2024-2048 - 2024-03-04 20:15:50 - Vault and Vault Enterprise (“Vault”) TLS certificate auth method did not correctly validate client certificates when configured with a non-CA certificate as trusted certificate. In this configuration, an attacker may be able to craft a malicious certificate that could be used to bypass authentication. Fixed in Vault 1.15.5 and 1.14.10. - 详情 - - - - 97958b76da614589919e4983d43d023f - CVE-2023-6068 - 2024-03-04 20:15:50 - On affected 7130 Series FPGA platforms running MOS and recent versions of the MultiAccess FPGA, application of ACL’s may result in incorrect operation of the configured ACL for a port resulting in some packets that should be denied being permitted and some - 详情 - - - - 46602308321d0f2eb1b6be8fa8872cfa - CVE-2023-32331 - 2024-03-04 19:15:18 - IBM Connect:Express for UNIX 1.5.0 is vulnerable to a buffer overflow that could allow a remote attacker to cause a denial of service through its browser UI. IBM X-Force ID: 254979. - 详情 - - - - e90644165707cc3fbe045b23afb147cb - CVE-2021-47108 - 2024-03-04 19:15:18 - In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: hdmi: Perform NULL pointer check for mtk_hdmi_conf In commit 41ca9caaae0b ("drm/mediatek: hdmi: Add check for CEA modes only") a check for CEA modes was added to function mtk_hdmi_bridge_mode_valid() in order to address possible issues on MT8167; moreover, with commit c91026a938c2 ("drm/mediatek: hdmi: Add optional limit on maximal HDMI mode clock") another similar check was introduced. Unfortunately though, at the time of writing, MT8173 does not provide any mtk_hdmi_conf structure and this is crashing the kernel with NULL pointer upon entering mtk_hdmi_bridge_mode_valid(), which happens as soon as a HDMI cable gets plugged in. To fix this regression, add a NULL pointer check for hdmi->conf in the said function, restoring HDMI functionality and avoiding NULL pointer kernel panics. - 详情 - - - - 7c0eaf649b34f374361868accc49200e - CVE-2021-47107 - 2024-03-04 19:15:18 - In the Linux kernel, the following vulnerability has been resolved: NFSD: Fix READDIR buffer overflow If a client sends a READDIR count argument that is too small (say, zero), then the buffer size calculation in the new init_dirlist helper functions results in an underflow, allowing the XDR stream functions to write beyond the actual buffer. This calculation has always been suspect. NFSD has never sanity- checked the READDIR count argument, but the old entry encoders managed the problem correctly. With the commits below, entry encoding changed, exposing the underflow to the pointer arithmetic in xdr_reserve_space(). Modern NFS clients attempt to retrieve as much data as possible for each READDIR request. Also, we have no unit tests that exercise the behavior of READDIR at the lower bound of @count values. Thus this case was missed during testing. - 详情 - - - - a5b9327aee662195d51eb1fcdc5029ab - CVE-2021-47106 - 2024-03-04 19:15:18 - In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: fix use-after-free in nft_set_catchall_destroy() We need to use list_for_each_entry_safe() iterator because we can not access @catchall after kfree_rcu() call. syzbot reported: BUG: KASAN: use-after-free in nft_set_catchall_destroy net/netfilter/nf_tables_api.c:4486 [inline] BUG: KASAN: use-after-free in nft_set_destroy net/netfilter/nf_tables_api.c:4504 [inline] BUG: KASAN: use-after-free in nft_set_destroy+0x3fd/0x4f0 net/netfilter/nf_tables_api.c:4493 Read of size 8 at addr ffff8880716e5b80 by task syz-executor.3/8871 CPU: 1 PID: 8871 Comm: syz-executor.3 Not tainted 5.16.0-rc5-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:88 [inline] dump_stack_lvl+0xcd/0x134 lib/dump_stack.c:106 print_address_description.constprop.0.cold+0x8d/0x2ed mm/kasan/report.c:247 __kasan_report mm/kasan/report.c:433 [inline] kasan_report.cold+0x83/0xdf mm/kasan/report.c:450 nft_set_catchall_destroy net/netfilter/nf_tables_api.c:4486 [inline] nft_set_destroy net/netfilter/nf_tables_api.c:4504 [inline] nft_set_destroy+0x3fd/0x4f0 net/netfilter/nf_tables_api.c:4493 __nft_release_table+0x79f/0xcd0 net/netfilter/nf_tables_api.c:9626 nft_rcv_nl_event+0x4f8/0x670 net/netfilter/nf_tables_api.c:9688 notifier_call_chain+0xb5/0x200 kernel/notifier.c:83 blocking_notifier_call_chain kernel/notifier.c:318 [inline] blocking_notifier_call_chain+0x67/0x90 kernel/notifier.c:306 netlink_release+0xcb6/0x1dd0 net/netlink/af_netlink.c:788 __sock_release+0xcd/0x280 net/socket.c:649 sock_close+0x18/0x20 net/socket.c:1314 __fput+0x286/0x9f0 fs/file_table.c:280 task_work_run+0xdd/0x1a0 kernel/task_work.c:164 tracehook_notify_resume include/linux/tracehook.h:189 [inline] exit_to_user_mode_loop kernel/entry/common.c:175 [inline] exit_to_user_mode_prepare+0x27e/0x290 kernel/entry/common.c:207 __syscall_exit_to_user_mode_work kernel/entry/common.c:289 [inline] syscall_exit_to_user_mode+0x19/0x60 kernel/entry/common.c:300 do_syscall_64+0x42/0xb0 arch/x86/entry/common.c:86 entry_SYSCALL_64_after_hwframe+0x44/0xae RIP: 0033:0x7f75fbf28adb Code: 0f 05 48 3d 00 f0 ff ff 77 45 c3 0f 1f 40 00 48 83 ec 18 89 7c 24 0c e8 63 fc ff ff 8b 7c 24 0c 41 89 c0 b8 03 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 35 44 89 c7 89 44 24 0c e8 a1 fc ff ff 8b 44 RSP: 002b:00007ffd8da7ec10 EFLAGS: 00000293 ORIG_RAX: 0000000000000003 RAX: 0000000000000000 RBX: 0000000000000004 RCX: 00007f75fbf28adb RDX: 00007f75fc08e828 RSI: ffffffffffffffff RDI: 0000000000000003 RBP: 00007f75fc08a960 R08: 0000000000000000 R09: 00007f75fc08e830 R10: 00007ffd8da7ed10 R11: 0000000000000293 R12: 00000000002067c3 R13: 00007ffd8da7ed10 R14: 00007f75fc088f60 R15: 0000000000000032 Allocated by task 8886: kasan_save_stack+0x1e/0x50 mm/kasan/common.c:38 kasan_set_track mm/kasan/common.c:46 [inline] set_alloc_info mm/kasan/common.c:434 [inline] ____kasan_kmalloc mm/kasan/common.c:513 [inline] ____kasan_kmalloc mm/kasan/common.c:472 [inline] __kasan_kmalloc+0xa6/0xd0 mm/kasan/common.c:522 kasan_kmalloc include/linux/kasan.h:269 [inline] kmem_cache_alloc_trace+0x1ea/0x4a0 mm/slab.c:3575 kmalloc include/linux/slab.h:590 [inline] nft_setelem_catchall_insert net/netfilter/nf_tables_api.c:5544 [inline] nft_setelem_insert net/netfilter/nf_tables_api.c:5562 [inline] nft_add_set_elem+0x232e/0x2f40 net/netfilter/nf_tables_api.c:5936 nf_tables_newsetelem+0x6ff/0xbb0 net/netfilter/nf_tables_api.c:6032 nfnetlink_rcv_batch+0x1710/0x25f0 net/netfilter/nfnetlink.c:513 nfnetlink_rcv_skb_batch net/netfilter/nfnetlink.c:634 [inline] nfnetlink_rcv+0x3af/0x420 net/netfilter/nfnetlink.c:652 netlink_unicast_kernel net/netlink/af_netlink.c:1319 [inline] netlink_unicast+0x533/0x7d0 net/netlink/af_netlink.c:1345 netlink_sendmsg+0x904/0xdf0 net/netlink/af_netlink.c:1921 sock_sendmsg_nosec net/ ---truncated--- - 详情 - -