From 00b5ef9d3d34673b22e6f54a908a08858e687cc6 Mon Sep 17 00:00:00 2001
From: Martin Harriman
Date: Wed, 23 Oct 2024 18:19:04 +0000
Subject: [PATCH] advisories: backfill kernel advisories for 2.9.1
---
 advisories/2.9.1/BRSA-7sexrepdimua.toml | 18 ++++++++++++++++++
 advisories/2.9.1/BRSA-8qqipj1mkjrt.toml | 18 ++++++++++++++++++
 advisories/2.9.1/BRSA-ay1hf5po4u1z.toml | 18 ++++++++++++++++++
 advisories/2.9.1/BRSA-fpqyqlfgwry4.toml | 18 ++++++++++++++++++
 advisories/2.9.1/BRSA-gn7endd6fnto.toml | 18 ++++++++++++++++++
 advisories/2.9.1/BRSA-jvkqxgliiw2o.toml | 18 ++++++++++++++++++
 advisories/2.9.1/BRSA-kbs5hlc0h4cl.toml | 18 ++++++++++++++++++
 advisories/2.9.1/BRSA-rssoacmi1zu1.toml | 18 ++++++++++++++++++
 advisories/2.9.1/BRSA-thajs1gugm3m.toml | 18 ++++++++++++++++++
 advisories/2.9.1/BRSA-tzwpiotgbfby.toml | 18 ++++++++++++++++++
 advisories/2.9.1/BRSA-wxp97oetaoy7.toml | 18 ++++++++++++++++++
 advisories/2.9.1/BRSA-xdf7dlwotmgr.toml | 18 ++++++++++++++++++
 advisories/2.9.1/BRSA-y9biy8nyde0m.toml | 18 ++++++++++++++++++
 advisories/2.9.1/BRSA-ye9ba4g7971j.toml | 18 ++++++++++++++++++
 14 files changed, 252 insertions(+)
 create mode 100644 advisories/2.9.1/BRSA-7sexrepdimua.toml
 create mode 100644 advisories/2.9.1/BRSA-8qqipj1mkjrt.toml
 create mode 100644 advisories/2.9.1/BRSA-ay1hf5po4u1z.toml
 create mode 100644 advisories/2.9.1/BRSA-fpqyqlfgwry4.toml
 create mode 100644 advisories/2.9.1/BRSA-gn7endd6fnto.toml
 create mode 100644 advisories/2.9.1/BRSA-jvkqxgliiw2o.toml
 create mode 100644 advisories/2.9.1/BRSA-kbs5hlc0h4cl.toml
 create mode 100644 advisories/2.9.1/BRSA-rssoacmi1zu1.toml
 create mode 100644 advisories/2.9.1/BRSA-thajs1gugm3m.toml
 create mode 100644 advisories/2.9.1/BRSA-tzwpiotgbfby.toml
 create mode 100644 advisories/2.9.1/BRSA-wxp97oetaoy7.toml
 create mode 100644 advisories/2.9.1/BRSA-xdf7dlwotmgr.toml
 create mode 100644 advisories/2.9.1/BRSA-y9biy8nyde0m.toml
 create mode 100644 advisories/2.9.1/BRSA-ye9ba4g7971j.toml
diff --git a/advisories/2.9.1/BRSA-7sexrepdimua.toml b/advisories/2.9.1/BRSA-7sexrepdimua.toml
new file mode 100644
index 000000000..87572322c
--- /dev/null
+++ b/advisories/2.9.1/BRSA-7sexrepdimua.toml
@@ -0,0 +1,18 @@
+[advisory]
+id = "BRSA-7sexrepdimua"
+title = "kernel CVE-2024-46744"
+cve = "CVE-2024-46744"
+severity = "moderate"
+description = "In the Linux kernel, the following vulnerability has been resolved: Squashfs: sanity check symbolic link size"
+
+[[advisory.products]]
+package-name = "kernel-6.1"
+patched-version = "kernel-6.1.111-120.187.amzn2023"
+patched-release = "0"
+patched-epoch = "0"
+
+[updateinfo]
+author = "mharrimn"
+issue-date = 2024-10-17T00:33:43Z
+arches = ["x86_64", "aarch64"]
+version = "2.9.1"
diff --git a/advisories/2.9.1/BRSA-8qqipj1mkjrt.toml b/advisories/2.9.1/BRSA-8qqipj1mkjrt.toml
new file mode 100644
index 000000000..63c1bef78
--- /dev/null
+++ b/advisories/2.9.1/BRSA-8qqipj1mkjrt.toml
@@ -0,0 +1,18 @@
+[advisory]
+id = "BRSA-8qqipj1mkjrt"
+title = "kernel CVE-2024-46713"
+cve = "CVE-2024-46713"
+severity = "moderate"
+description = "In the Linux kernel, the following vulnerability has been resolved: perf/aux: Fix AUX buffer serialization"
+
+[[advisory.products]]
+package-name = "kernel-6.1"
+patched-version = "kernel-6.1.111-120.187.amzn2023"
+patched-release = "0"
+patched-epoch = "0"
+
+[updateinfo]
+author = "mharrimn"
+issue-date = 2024-10-17T00:33:43Z
+arches = ["aarch64", "x86_64"]
+version = "2.9.1"
diff --git a/advisories/2.9.1/BRSA-ay1hf5po4u1z.toml b/advisories/2.9.1/BRSA-ay1hf5po4u1z.toml
new file mode 100644
index 000000000..11864b76f
--- /dev/null
+++ b/advisories/2.9.1/BRSA-ay1hf5po4u1z.toml
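Review bot: In BRSA-7sexrepdimua.toml, `patched-version = "kernel-6.1.111-120.187.amzn2023"` carries the package name and what looks like an RPM release inside the version field, while `patched-release = "0"` sits right next to it. If the advisory consumer (not visible in this patch) assembles an epoch:version-release from these three keys, a scanner comparing installed packages against it could mis-order the values and report a host as patched or unpatched incorrectly. Please confirm the shape the update-metadata generator expects; if a bare version is intended, the line would read `patched-version = "6.1.111"`. The same value shape appears in all fourteen new files.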
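Review bot: The `arches` array in BRSA-8qqipj1mkjrt.toml is `["aarch64", "x86_64"]`, while BRSA-7sexrepdimua.toml in the same commit has `["x86_64", "aarch64"]`, and the order keeps flipping across the remaining files. That pattern suggests the values are written from an unordered set. Emitting them sorted, `arches = ["aarch64", "x86_64"]` everywhere, would keep regenerated advisories byte-stable, so later diffs to this security metadata show only real changes.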
@@ -0,0 +1,18 @@
+[advisory]
+id = "BRSA-ay1hf5po4u1z"
+title = "kernel CVE-2024-46777"
+cve = "CVE-2024-46777"
+severity = "moderate"
+description = "In the Linux kernel, the following vulnerability has been resolved: udf: Avoid excessive partition lengths"
+
+[[advisory.products]]
+package-name = "kernel-6.1"
+patched-version = "kernel-6.1.111-120.187.amzn2023"
+patched-release = "0"
+patched-epoch = "0"
+
+[updateinfo]
+author = "mharrimn"
+issue-date = 2024-10-17T00:33:43Z
+arches = ["x86_64", "aarch64"]
+version = "2.9.1"
diff --git a/advisories/2.9.1/BRSA-fpqyqlfgwry4.toml b/advisories/2.9.1/BRSA-fpqyqlfgwry4.toml
new file mode 100644
index 000000000..05481c0ff
--- /dev/null
+++ b/advisories/2.9.1/BRSA-fpqyqlfgwry4.toml
@@ -0,0 +1,18 @@
+[advisory]
+id = "BRSA-fpqyqlfgwry4"
+title = "kernel CVE-2024-46782"
+cve = "CVE-2024-46782"
+severity = "moderate"
+description = "In the Linux kernel, the following vulnerability has been resolved: ila: call nf_unregister_net_hooks() sooner"
+
+[[advisory.products]]
+package-name = "kernel-6.1"
+patched-version = "kernel-6.1.111-120.187.amzn2023"
+patched-release = "0"
+patched-epoch = "0"
+
+[updateinfo]
+author = "mharrimn"
+issue-date = 2024-10-17T00:33:43Z
+arches = ["aarch64", "x86_64"]
+version = "2.9.1"
diff --git a/advisories/2.9.1/BRSA-gn7endd6fnto.toml b/advisories/2.9.1/BRSA-gn7endd6fnto.toml
new file mode 100644
index 000000000..177e3579d
--- /dev/null
+++ b/advisories/2.9.1/BRSA-gn7endd6fnto.toml
@@ -0,0 +1,18 @@
+[advisory]
+id = "BRSA-gn7endd6fnto"
+title = "kernel CVE-2024-46783"
+cve = "CVE-2024-46783"
+severity = "moderate"
+description = "In the Linux kernel, the following vulnerability has been resolved: tcp_bpf: fix return value of tcp_bpf_sendmsg()"
+
+[[advisory.products]]
+package-name = "kernel-6.1"
+patched-version = "kernel-6.1.111-120.187.amzn2023"
+patched-release = "0"
+patched-epoch = "0"
+
+[updateinfo]
+author = "mharrimn"
+issue-date = 2024-10-17T00:33:43Z
+arches = ["aarch64", "x86_64"]
+version = "2.9.1"
diff --git a/advisories/2.9.1/BRSA-jvkqxgliiw2o.toml b/advisories/2.9.1/BRSA-jvkqxgliiw2o.toml
new file mode 100644
index 000000000..54a4e096d
--- /dev/null
+++ b/advisories/2.9.1/BRSA-jvkqxgliiw2o.toml
@@ -0,0 +1,18 @@
+[advisory]
+id = "BRSA-jvkqxgliiw2o"
+title = "kernel CVE-2024-46738"
+cve = "CVE-2024-46738"
+severity = "moderate"
+description = "In the Linux kernel, the following vulnerability has been resolved: VMCI: Fix use-after-free when removing resource in vmci_resource_remove()"
+
+[[advisory.products]]
+package-name = "kernel-6.1"
+patched-version = "kernel-6.1.111-120.187.amzn2023"
+patched-release = "0"
+patched-epoch = "0"
+
+[updateinfo]
+author = "mharrimn"
+issue-date = 2024-10-17T00:33:43Z
+arches = ["aarch64", "x86_64"]
+version = "2.9.1"
diff --git a/advisories/2.9.1/BRSA-kbs5hlc0h4cl.toml b/advisories/2.9.1/BRSA-kbs5hlc0h4cl.toml
new file mode 100644
index 000000000..f33cec033
--- /dev/null
+++ b/advisories/2.9.1/BRSA-kbs5hlc0h4cl.toml
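Review bot: `severity = "moderate"` in BRSA-jvkqxgliiw2o.toml sits next to a description that names a use-after-free in vmci_resource_remove(); BRSA-y9biy8nyde0m.toml (netem_dequeue) and BRSA-ye9ba4g7971j.toml (smb2_reconnect_server) are in the same position. Every file in this backfill carries the same rating, which may be the upstream distribution's rating or a default applied by the backfill tooling; the patch does not show which. Since consumers filter and prioritise updates on this field, it is worth confirming the rating per CVE against the source the project normally uses and naming that source in the commit message.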
@@ -0,0 +1,18 @@
+[advisory]
+id = "BRSA-kbs5hlc0h4cl"
+title = "kernel CVE-2024-46752"
+cve = "CVE-2024-46752"
+severity = "moderate"
+description = "In the Linux kernel, the following vulnerability has been resolved: btrfs: replace BUG_ON() with error handling at update_ref_for_cow()"
+
+[[advisory.products]]
+package-name = "kernel-6.1"
+patched-version = "kernel-6.1.111-120.187.amzn2023"
+patched-release = "0"
+patched-epoch = "0"
+
+[updateinfo]
+author = "mharrimn"
+issue-date = 2024-10-17T00:33:43Z
+arches = ["aarch64", "x86_64"]
+version = "2.9.1"
diff --git a/advisories/2.9.1/BRSA-rssoacmi1zu1.toml b/advisories/2.9.1/BRSA-rssoacmi1zu1.toml
new file mode 100644
index 000000000..3808a164d
--- /dev/null
+++ b/advisories/2.9.1/BRSA-rssoacmi1zu1.toml
@@ -0,0 +1,18 @@
+[advisory]
+id = "BRSA-rssoacmi1zu1"
+title = "kernel CVE-2024-46745"
+cve = "CVE-2024-46745"
+severity = "moderate"
+description = "In the Linux kernel, the following vulnerability has been resolved: Input: uinput - reject requests with unreasonable number of slots"
+
+[[advisory.products]]
+package-name = "kernel-6.1"
+patched-version = "kernel-6.1.111-120.187.amzn2023"
+patched-release = "0"
+patched-epoch = "0"
+
+[updateinfo]
+author = "mharrimn"
+issue-date = 2024-10-17T00:33:43Z
+arches = ["x86_64", "aarch64"]
+version = "2.9.1"
diff --git a/advisories/2.9.1/BRSA-thajs1gugm3m.toml b/advisories/2.9.1/BRSA-thajs1gugm3m.toml
new file mode 100644
index 000000000..f56a40d19
--- /dev/null
+++ b/advisories/2.9.1/BRSA-thajs1gugm3m.toml
@@ -0,0 +1,18 @@
+[advisory]
+id = "BRSA-thajs1gugm3m"
+title = "kernel CVE-2024-46734"
+cve = "CVE-2024-46734"
+severity = "moderate"
+description = "In the Linux kernel, the following vulnerability has been resolved: btrfs: fix race between direct IO write and fsync when using same fd"
+
+[[advisory.products]]
+package-name = "kernel-6.1"
+patched-version = "kernel-6.1.111-120.187.amzn2023"
+patched-release = "0"
+patched-epoch = "0"
+
+[updateinfo]
+author = "mharrimn"
+issue-date = 2024-10-17T00:33:43Z
+arches = ["x86_64", "aarch64"]
+version = "2.9.1"
diff --git a/advisories/2.9.1/BRSA-tzwpiotgbfby.toml b/advisories/2.9.1/BRSA-tzwpiotgbfby.toml
new file mode 100644
index 000000000..022cb3570
--- /dev/null
+++ b/advisories/2.9.1/BRSA-tzwpiotgbfby.toml
@@ -0,0 +1,18 @@
+[advisory]
+id = "BRSA-tzwpiotgbfby"
+title = "kernel CVE-2024-46750"
+cve = "CVE-2024-46750"
+severity = "moderate"
+description = "In the Linux kernel, the following vulnerability has been resolved: PCI: Add missing bridge lock to pci_bus_lock()"
+
+[[advisory.products]]
+package-name = "kernel-6.1"
+patched-version = "kernel-6.1.111-120.187.amzn2023"
+patched-release = "0"
+patched-epoch = "0"
+
+[updateinfo]
+author = "mharrimn"
+issue-date = 2024-10-17T00:33:43Z
+arches = ["aarch64", "x86_64"]
+version = "2.9.1"
diff --git a/advisories/2.9.1/BRSA-wxp97oetaoy7.toml b/advisories/2.9.1/BRSA-wxp97oetaoy7.toml
new file mode 100644
index 000000000..e7513a458
--- /dev/null
+++ b/advisories/2.9.1/BRSA-wxp97oetaoy7.toml
@@ -0,0 +1,18 @@
+[advisory]
+id = "BRSA-wxp97oetaoy7"
+title = "kernel CVE-2024-46743"
+cve = "CVE-2024-46743"
+severity = "moderate"
+description = "In the Linux kernel, the following vulnerability has been resolved: of/irq: Prevent device address out-of-bounds read in interrupt map walk"
+
+[[advisory.products]]
+package-name = "kernel-6.1"
+patched-version = "kernel-6.1.111-120.187.amzn2023"
+patched-release = "0"
+patched-epoch = "0"
+
+[updateinfo]
+author = "mharrimn"
+issue-date = 2024-10-17T00:33:43Z
+arches = ["x86_64", "aarch64"]
+version = "2.9.1"
diff --git a/advisories/2.9.1/BRSA-xdf7dlwotmgr.toml b/advisories/2.9.1/BRSA-xdf7dlwotmgr.toml
new file mode 100644
index 000000000..95a8e23a5
--- /dev/null
+++ b/advisories/2.9.1/BRSA-xdf7dlwotmgr.toml
@@ -0,0 +1,18 @@
+[advisory]
+id = "BRSA-xdf7dlwotmgr"
+title = "kernel CVE-2024-46739"
+cve = "CVE-2024-46739"
+severity = "moderate"
+description = "In the Linux kernel, the following vulnerability has been resolved: uio_hv_generic: Fix kernel NULL pointer dereference in hv_uio_rescind"
+
+[[advisory.products]]
+package-name = "kernel-6.1"
+patched-version = "kernel-6.1.111-120.187.amzn2023"
+patched-release = "0"
+patched-epoch = "0"
+
+[updateinfo]
+author = "mharrimn"
+issue-date = 2024-10-17T00:33:43Z
+arches = ["aarch64", "x86_64"]
+version = "2.9.1"
diff --git a/advisories/2.9.1/BRSA-y9biy8nyde0m.toml b/advisories/2.9.1/BRSA-y9biy8nyde0m.toml
new file mode 100644
index 000000000..8a31516d8
--- /dev/null
+++ b/advisories/2.9.1/BRSA-y9biy8nyde0m.toml
@@ -0,0 +1,18 @@
+[advisory]
+id = "BRSA-y9biy8nyde0m"
+title = "kernel CVE-2024-46800"
+cve = "CVE-2024-46800"
+severity = "moderate"
+description = "In the Linux kernel, the following vulnerability has been resolved: sch/netem: fix use after free in netem_dequeue"
+
+[[advisory.products]]
+package-name = "kernel-6.1"
+patched-version = "kernel-6.1.111-120.187.amzn2023"
+patched-release = "0"
+patched-epoch = "0"
+
+[updateinfo]
+author = "mharrimn"
+issue-date = 2024-10-17T00:33:43Z
+arches = ["x86_64", "aarch64"]
+version = "2.9.1"
diff --git a/advisories/2.9.1/BRSA-ye9ba4g7971j.toml b/advisories/2.9.1/BRSA-ye9ba4g7971j.toml
new file mode 100644
index 000000000..acbd11947
--- /dev/null
+++ b/advisories/2.9.1/BRSA-ye9ba4g7971j.toml
@@ -0,0 +1,18 @@
+[advisory]
+id = "BRSA-ye9ba4g7971j"
+title = "kernel CVE-2024-35870"
+cve = "CVE-2024-35870"
+severity = "moderate"
+description = "In the Linux kernel, the following vulnerability has been resolved: smb: client: fix UAF in smb2_reconnect_server()"
+
+[[advisory.products]]
+package-name = "kernel-6.1"
+patched-version = "kernel-6.1.112-122.189.amzn2023"
+patched-release = "0"
+patched-epoch = "0"
+
+[updateinfo]
+author = "mharrimn"
+issue-date = 2024-10-17T00:33:43Z
+arches = ["x86_64", "aarch64"]
+version = "2.9.1"
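Review bot: BRSA-ye9ba4g7971j.toml gives `patched-version = "kernel-6.1.112-122.189.amzn2023"`, whereas the other thirteen advisories filed under `version = "2.9.1"` give `kernel-6.1.111-120.187.amzn2023`. That is consistent only if 2.9.1 ships a kernel at or above 6.1.112 and the field records the first build containing each fix. If 2.9.1 ships 6.1.111, this advisory would mark CVE-2024-35870 as fixed in a release that still contains it. Please confirm which kernel 2.9.1 carries, and consider a `#` comment above `patched-version` stating what the value represents.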