In [0]:
# SOLUTION BLOCK (for reference - implement the TODOs above first!)
# Uncomment and run this cell if you need help completing the Bronze layer

"""
from pyspark.sql import functions as F

# Many CVE v5 exports have metadata under \"cveMetadata.datePublished\"
# Fall back defensively if a different field name appears
date_col = F.col(\"cveMetadata.datePublished\").cast(\"string\")
df_raw = df_raw.withColumn(\"_datePublished_ts\", F.to_timestamp(date_col))

# 2) Filter to 2024 publications
df_2024 = df_raw.filter(F.year(F.col(\"_datePublished_ts\")) == 2024)

# 3) Data quality gates
cnt_all = df_raw.count()
cnt_2024 = df_2024.count()
null_ids = df_2024.filter(F.col(\"cveMetadata.cveId\").isNull()).count()
distinct_ids = df_2024.select(\"cveMetadata.cveId\").distinct().count()

print(f\"Raw total: {cnt_all:,}\")
print(f\"2024 total: {cnt_2024:,}\")
print(f\"Null cveId (2024): {null_ids}\")
print(f\"Distinct cveId (2024): {distinct_ids:,}\")

assert cnt_2024 >= 30000, \"Too few 2024 rows—did the filter or read fail?\"
assert null_ids == 0, \"cveId should not be null\"
assert distinct_ids == cnt_2024, \"cveId expected to be unique in 2024\"

# 4) Write Delta + register table
(df_2024
 .repartition(8)
 .write
 .format(\"delta\")
 .mode(\"overwrite\")
 .save(bronze_path))

spark.sql(f\"DROP TABLE IF EXISTS {table_name}\")
spark.sql(f\"CREATE TABLE {table_name} USING DELTA LOCATION '{bronze_path}'\")

print(\"✅ Bronze Delta written and table registered:\", table_name)

# 5) Verification for screenshots
spark.read.format(\"delta\").load(bronze_path).printSchema()
spark.sql(f\"DESCRIBE DETAIL {table_name}\").show(truncate=False)
"""

'\nfrom pyspark.sql import functions as F\n\n# Many CVE v5 exports have metadata under "cveMetadata.datePublished"\n# Fall back defensively if a different field name appears\ndate_col = F.col("cveMetadata.datePublished").cast("string")\ndf_raw = df_raw.withColumn("_datePublished_ts", F.to_timestamp(date_col))\n\n# 2) Filter to 2024 publications\ndf_2024 = df_raw.filter(F.year(F.col("_datePublished_ts")) == 2024)\n\n# 3) Data quality gates\ncnt_all = df_raw.count()\ncnt_2024 = df_2024.count()\nnull_ids = df_2024.filter(F.col("cveMetadata.cveId").isNull()).count()\ndistinct_ids = df_2024.select("cveMetadata.cveId").distinct().count()\n\nprint(f"Raw total: {cnt_all:,}")\nprint(f"2024 total: {cnt_2024:,}")\nprint(f"Null cveId (2024): {null_ids}")\nprint(f"Distinct cveId (2024): {distinct_ids:,}")\n\nassert cnt_2024 >= 30000, "Too few 2024 rows—did the filter or read fail?"\nassert null_ids == 0, "cveId should not be null"\nassert distinct_ids == cnt_2024, "cveId expected to be unique in 20

In [0]:
# ==============================================================
# 🪙 CVE LAKEHOUSE – BRONZE LAYER (FULL DATASET, UC-SAFE)
# - Reads all CVE JSON files (~38 K)
# - Filters 2024 records
# - Flattens Structs + serializes Arrays of Structs to JSON
# - Writes Delta files to /Volumes/workspace/default/assignment1/bronze
# - Verifies by direct Delta read (no CREATE TABLE)
# ==============================================================

from pyspark.sql import functions as F, types as T
import re, time

# ---- Configuration ----
volume_root      = "/Volumes/workspace/default/assignment1"
volume_cves_dir  = f"{volume_root}/cve/json_files"
bronze_path      = f"{volume_root}/bronze"      # final Delta output
spark.conf.set("spark.sql.shuffle.partitions", "8")

print("🎯 Starting CVE Bronze Layer (FULL RUN – UC Safe)\n")

# ---------------------------------------------------------------
# 🧩 Helper – recursive sanitizer (unchanged from tested subset)
# ---------------------------------------------------------------
INVALID_CHARS = re.compile(r"[ ,;{}()\n\t=]")

def sanitize_path(path: str) -> str:
    return INVALID_CHARS.sub("_", path)

def build_sanitized_columns(df):
    cols = []
    def walk(schema, prefix=""):
        for field in schema.fields:
            name = field.name
            path = f"{prefix}.{name}" if prefix else name
            safe = sanitize_path(path)
            dt = field.dataType
            if isinstance(dt, T.StructType):
                walk(dt, path)
            elif isinstance(dt, T.ArrayType) and isinstance(dt.elementType, T.StructType):
                cols.append(F.to_json(F.col(path)).alias(safe))
            else:
                cols.append(F.col(path).alias(safe))
    walk(df.schema)
    return cols

# ---------------------------------------------------------------
# 1️⃣ Read ALL JSON files recursively
# ---------------------------------------------------------------
print("📖 Reading ALL JSON files recursively from volume...")
t0 = time.time()
df_raw = (
    spark.read
        .option("multiLine", True)
        .option("recursiveFileLookup", "true")
        .json(volume_cves_dir)
        .withColumn("_source_file", F.col("_metadata.file_path"))
)
raw_count = df_raw.count()
print(f"✅ Raw CVE records loaded: {raw_count:,} files in {time.time()-t0:,.1f}s")

# ---------------------------------------------------------------
# 2️⃣ Filter records published in 2024
# ---------------------------------------------------------------
print("\n📆 Filtering records for 2024 ...")
df_2024 = (
    df_raw
        .withColumn("datePublished_ts", F.to_timestamp(F.col("cveMetadata.datePublished")))
        .filter(F.year(F.col("datePublished_ts")) == 2024)
        .withColumn("_ingest_ts", F.current_timestamp())
        .drop("datePublished_ts")
)
count_2024 = df_2024.count()
print(f"✅ 2024 CVE records count: {count_2024:,}")

# ---------------------------------------------------------------
# 3️⃣ Data Quality Checks
# ---------------------------------------------------------------
print("\n🧪 Running Data Quality Checks ...")
null_ids     = df_2024.filter(F.col("cveMetadata.cveId").isNull()).count()
distinct_ids = df_2024.select("cveMetadata.cveId").distinct().count()

print("🔍 DQ Summary:")
print(f"   • Total 2024 rows : {count_2024:,}")
print(f"   • Null CVE IDs   : {null_ids:,}")
print(f"   • Distinct CVE IDs: {distinct_ids:,}")

assert null_ids == 0, "❌ Found null CVE IDs"
assert distinct_ids == count_2024, "❌ Duplicate CVE IDs found"
print("✅ Basic DQ checks passed.")

# ---------------------------------------------------------------
# 4️⃣ Flatten + sanitize for Delta
# ---------------------------------------------------------------
print("\n🧼 Flattening and sanitizing column names ...")
sanitized_cols = build_sanitized_columns(df_2024)
df_clean = df_2024.select(sanitized_cols)
print(f"✅ Sanitized column count: {len(df_clean.columns)}")

# ---------------------------------------------------------------
# 5️⃣ Write to Delta
# ---------------------------------------------------------------
print("\n💾 Writing full 2024 dataset to Delta ...")
(
    df_clean.write
        .format("delta")
        .mode("overwrite")
        .save(bronze_path)
)
print(f"✅ Delta write complete at: {bronze_path}")

# ---------------------------------------------------------------
# 6️⃣ Verify by reading back (no CREATE TABLE)
# ---------------------------------------------------------------
print("\n🧾 Reading Delta back for verification ...")
df_check = spark.read.format("delta").load(bronze_path)

print(f"✅ Read-back successful. Record count: {df_check.count():,}")
print("\n📐 Schema of final Bronze Delta :")
df_check.printSchema()

print("\n📊 Sample records (for screenshot):")
display(df_check.limit(10))

print("\n📁 Files in Bronze Delta path :")
display(dbutils.fs.ls(bronze_path))

print("\n📸 REQUIRED SCREENSHOTS:")
print("  • df_check.count() ≈ 38 000–40 000 records")
print("  • DQ Summary output above")
print("  • dbutils.fs.ls(bronze_path) showing _delta_log + .parquet files")


🎯 Starting CVE Bronze Layer (FULL RUN – UC Safe)

📖 Reading ALL JSON files recursively from volume...
✅ Raw CVE records loaded: 38,727 files in 2,295.6s

📆 Filtering records for 2024 ...
✅ 2024 CVE records count: 32,924

🧪 Running Data Quality Checks ...
🔍 DQ Summary:
   • Total 2024 rows : 32,924
   • Null CVE IDs   : 0
   • Distinct CVE IDs: 32,924
✅ Basic DQ checks passed.

🧼 Flattening and sanitizing column names ...
✅ Sanitized column count: 104

💾 Writing full 2024 dataset to Delta ...
✅ Delta write complete at: /Volumes/workspace/default/assignment1/bronze

🧾 Reading Delta back for verification ...
✅ Read-back successful. Record count: 32,924

📐 Schema of final Bronze Delta :
root
 |-- containers.adp: string (nullable = true)
 |-- containers.cna.affected: string (nullable = true)
 |-- containers.cna.configurations: string (nullable = true)
 |-- containers.cna.cpeApplicability: string (nullable = true)
 |-- containers.cna.credits: string (nullable = true)
 |-- containers.cna.date

containers.adp,containers.cna.affected,containers.cna.configurations,containers.cna.cpeApplicability,containers.cna.credits,containers.cna.dateAssigned,containers.cna.datePublic,containers.cna.descriptions,containers.cna.exploits,containers.cna.impacts,containers.cna.metrics,containers.cna.problemTypes,containers.cna.providerMetadata.dateUpdated,containers.cna.providerMetadata.orgId,containers.cna.providerMetadata.shortName,containers.cna.references,containers.cna.rejectedReasons,containers.cna.replacedBy,containers.cna.solutions,containers.cna.source.advisory,containers.cna.source.defect,containers.cna.source.defects,containers.cna.source.discovery,containers.cna.source.lang,containers.cna.source.value,containers.cna.tags,containers.cna.timeline,containers.cna.title,containers.cna.workarounds,containers.cna.x_affectedList,containers.cna.x_generator.engine,containers.cna.x_generator.env,containers.cna.x_generator.origin,containers.cna.x_legacyV4Record.CNA_private.Current-Status,containers.cna.x_legacyV4Record.CNA_private.Priority,containers.cna.x_legacyV4Record.CNA_private.STATE,containers.cna.x_legacyV4Record.CNA_private.TYPE,containers.cna.x_legacyV4Record.CNA_private.affectedKeywords,containers.cna.x_legacyV4Record.CNA_private.affectsSummary.affected,containers.cna.x_legacyV4Record.CNA_private.affectsSummary.appliesTo,containers.cna.x_legacyV4Record.CNA_private.affectsSummary.product_versions,containers.cna.x_legacyV4Record.CNA_private.affectsSummary.unaffected,containers.cna.x_legacyV4Record.CNA_private.affectsSummary.unknown,containers.cna.x_legacyV4Record.CNA_private.owner,containers.cna.x_legacyV4Record.CNA_private.publish.month,containers.cna.x_legacyV4Record.CNA_private.publish.year,containers.cna.x_legacyV4Record.CNA_private.publish.ym,containers.cna.x_legacyV4Record.CNA_private.share_with_CVE,containers.cna.x_legacyV4Record.CNA_private.show_cvss,containers.cna.x_legacyV4Record.CVE_data_meta.ASSIGNER,containers.cna.x_legacyV4Record.CVE_data_meta.DATE_PUBLIC,containers.cna.x_legacyV4Record.CVE_data_meta.ID,containers.cna.x_legacyV4Record.CVE_data_meta.STATE,containers.cna.x_legacyV4Record.CVE_data_meta.TITLE,containers.cna.x_legacyV4Record.affects.vendor.vendor_data,containers.cna.x_legacyV4Record.credit,containers.cna.x_legacyV4Record.data_format,containers.cna.x_legacyV4Record.data_type,containers.cna.x_legacyV4Record.data_version,containers.cna.x_legacyV4Record.description.description_data,containers.cna.x_legacyV4Record.exploit,containers.cna.x_legacyV4Record.generator.engine,containers.cna.x_legacyV4Record.impact.cvss.Automatable,containers.cna.x_legacyV4Record.impact.cvss.Recovery,containers.cna.x_legacyV4Record.impact.cvss.Safety,containers.cna.x_legacyV4Record.impact.cvss.attackComplexity,containers.cna.x_legacyV4Record.impact.cvss.attackRequirements,containers.cna.x_legacyV4Record.impact.cvss.attackVector,containers.cna.x_legacyV4Record.impact.cvss.baseScore,containers.cna.x_legacyV4Record.impact.cvss.baseSeverity,containers.cna.x_legacyV4Record.impact.cvss.privilegesRequired,containers.cna.x_legacyV4Record.impact.cvss.providerUrgency,containers.cna.x_legacyV4Record.impact.cvss.subAvailabilityImpact,containers.cna.x_legacyV4Record.impact.cvss.subConfidentialityImpact,containers.cna.x_legacyV4Record.impact.cvss.subIntegrityImpact,containers.cna.x_legacyV4Record.impact.cvss.userInteraction,containers.cna.x_legacyV4Record.impact.cvss.valueDensity,containers.cna.x_legacyV4Record.impact.cvss.vectorString,containers.cna.x_legacyV4Record.impact.cvss.version,containers.cna.x_legacyV4Record.impact.cvss.vulnAvailabilityImpact,containers.cna.x_legacyV4Record.impact.cvss.vulnConfidentialityImpact,containers.cna.x_legacyV4Record.impact.cvss.vulnIntegrityImpact,containers.cna.x_legacyV4Record.impact.cvss.vulnerabilityResponseEffort,containers.cna.x_legacyV4Record.problemtype.problemtype_data,containers.cna.x_legacyV4Record.references.reference_data,containers.cna.x_legacyV4Record.solution,containers.cna.x_legacyV4Record.source.defect,containers.cna.x_legacyV4Record.source.discovery,containers.cna.x_legacyV4Record.timeline,containers.cna.x_legacyV4Record.x_advisoryEoL,containers.cna.x_legacyV4Record.x_affectedList,containers.cna.x_redhatCweChain,cveMetadata.assignerOrgId,cveMetadata.assignerShortName,cveMetadata.cveId,cveMetadata.datePublished,cveMetadata.dateRejected,cveMetadata.dateReserved,cveMetadata.dateUpdated,cveMetadata.state,dataType,dataVersion,_source_file,_ingest_ts
"[{""providerMetadata"":{""dateUpdated"":""2024-08-02T04:54:32.566Z"",""orgId"":""af854a3a-2127-422b-91ae-364da2661108"",""shortName"":""CVE""},""references"":[{""tags"":[""x_transferred""],""url"":""https://git.kernel.org/stable/c/25b1e3906e050d452427bc51620bb7f0a591373a""},{""tags"":[""x_transferred""],""url"":""https://git.kernel.org/stable/c/2ae4db5647d807efb6a87c09efaa6d1db9c905d7""}],""title"":""CVE Program Container""},{""metrics"":[{""other"":{""content"":{""id"":""CVE-2024-42149"",""options"":[{""Exploitation"":""none""},{""Automatable"":""no""},{""Technical Impact"":""partial""}],""role"":""CISA Coordinator"",""timestamp"":""2024-09-10T16:15:31.286320Z"",""version"":""2.0.3""},""type"":""ssvc""}}],""providerMetadata"":{""dateUpdated"":""2024-09-11T17:34:34.789Z"",""orgId"":""134c704f-9b21-4f2e-91b3-4a467353bcc0"",""shortName"":""CISA-ADP""},""title"":""CISA ADP Vulnrichment""}]","[{""defaultStatus"":""unaffected"",""product"":""Linux"",""programFiles"":[""fs/super.c""],""repo"":""https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"",""vendor"":""Linux"",""versions"":[{""lessThan"":""25b1e3906e050d452427bc51620bb7f0a591373a"",""status"":""affected"",""version"":""49ef8832fb1a9e0da0020eb17480fd286433bc13"",""versionType"":""git""},{""lessThan"":""2ae4db5647d807efb6a87c09efaa6d1db9c905d7"",""status"":""affected"",""version"":""49ef8832fb1a9e0da0020eb17480fd286433bc13"",""versionType"":""git""}]},{""defaultStatus"":""affected"",""product"":""Linux"",""programFiles"":[""fs/super.c""],""repo"":""https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"",""vendor"":""Linux"",""versions"":[{""status"":""affected"",""version"":""6.8""},{""lessThan"":""6.8"",""status"":""unaffected"",""version"":""0"",""versionType"":""semver""},{""lessThanOrEqual"":""6.9.*"",""status"":""unaffected"",""version"":""6.9.9"",""versionType"":""semver""},{""lessThanOrEqual"":""*"",""status"":""unaffected"",""version"":""6.10"",""versionType"":""original_commit_for_fix""}]}]",,"[{""nodes"":[{""cpeMatch"":[{""criteria"":""cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*"",""versionEndExcluding"":""6.9.9"",""versionStartIncluding"":""6.8"",""vulnerable"":true},{""criteria"":""cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*"",""versionEndExcluding"":""6.10"",""versionStartIncluding"":""6.8"",""vulnerable"":true}],""negate"":false,""operator"":""OR""}]}]",,,,"[{""lang"":""en"",""value"":""In the Linux kernel, the following vulnerability has been resolved:\n\nfs: don't misleadingly warn during thaw operations\n\nThe block device may have been frozen before it was claimed by a\nfilesystem. Concurrently another process might try to mount that\nfrozen block device and has temporarily claimed the block device for\nthat purpose causing a concurrent fs_bdev_thaw() to end up here. The\nmounter is already about to abort mounting because they still saw an\nelevanted bdev->bd_fsfreeze_count so get_bdev_super() will return\nNULL in that case.\n\nFor example, P1 calls dm_suspend() which calls into bdev_freeze() before\nthe block device has been claimed by the filesystem. This brings\nbdev->bd_fsfreeze_count to 1 and no call into fs_bdev_freeze() is\nrequired.\n\nNow P2 tries to mount that frozen block device. It claims it and checks\nbdev->bd_fsfreeze_count. As it's elevated it aborts mounting.\n\nIn the meantime P3 called dm_resume(). P3 sees that the block device is\nalready claimed by a filesystem and calls into fs_bdev_thaw().\n\nP3 takes a passive reference and realizes that the filesystem isn't\nready yet. P3 puts itself to sleep to wait for the filesystem to become\nready.\n\nP2 now puts the last active reference to the filesystem and marks it as\ndying. P3 gets woken, sees that the filesystem is dying and\nget_bdev_super() fails.""}]",,,,,2025-05-04T09:24:10.572Z,416baaa9-dc9f-4396-8d5f-8c081fb06d67,Linux,"[{""url"":""https://git.kernel.org/stable/c/25b1e3906e050d452427bc51620bb7f0a591373a""},{""url"":""https://git.kernel.org/stable/c/2ae4db5647d807efb6a87c09efaa6d1db9c905d7""}]",,,,,,,,,,,,fs: don't misleadingly warn during thaw operations,,,bippy-1.2.0,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,416baaa9-dc9f-4396-8d5f-8c081fb06d67,Linux,CVE-2024-42149,2024-07-30T07:46:42.133Z,,2024-07-29T15:50:41.191Z,2025-05-04T09:24:10.572Z,PUBLISHED,CVE_RECORD,5.1,dbfs:/Volumes/workspace/default/assignment1/cve/json_files/2024_42xxx_CVE-2024-42149.json,2025-11-11T04:49:37.603Z
"[{""providerMetadata"":{""dateUpdated"":""2024-08-02T04:54:32.253Z"",""orgId"":""af854a3a-2127-422b-91ae-364da2661108"",""shortName"":""CVE""},""references"":[{""tags"":[""x_transferred""],""url"":""https://git.kernel.org/stable/c/850103ebe6b062ee0ab0f6670205f861acc76ace""},{""tags"":[""x_transferred""],""url"":""https://git.kernel.org/stable/c/bd07a98178462e7a02ed2bf7dec90a00944c1da5""}],""title"":""CVE Program Container""},{""metrics"":[{""other"":{""content"":{""id"":""CVE-2024-42150"",""options"":[{""Exploitation"":""none""},{""Automatable"":""no""},{""Technical Impact"":""partial""}],""role"":""CISA Coordinator"",""timestamp"":""2024-09-10T16:15:28.119432Z"",""version"":""2.0.3""},""type"":""ssvc""}}],""providerMetadata"":{""dateUpdated"":""2024-09-11T17:34:34.677Z"",""orgId"":""134c704f-9b21-4f2e-91b3-4a467353bcc0"",""shortName"":""CISA-ADP""},""title"":""CISA ADP Vulnrichment""}]","[{""defaultStatus"":""unaffected"",""product"":""Linux"",""programFiles"":[""drivers/net/ethernet/wangxun/libwx/wx_hw.c"",""drivers/net/ethernet/wangxun/libwx/wx_lib.c"",""drivers/net/ethernet/wangxun/libwx/wx_type.h"",""drivers/net/ethernet/wangxun/txgbe/txgbe_irq.c"",""drivers/net/ethernet/wangxun/txgbe/txgbe_irq.h"",""drivers/net/ethernet/wangxun/txgbe/txgbe_main.c""],""repo"":""https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"",""vendor"":""Linux"",""versions"":[{""lessThan"":""850103ebe6b062ee0ab0f6670205f861acc76ace"",""status"":""affected"",""version"":""aefd013624a10f39b0bfaee8432a235128705380"",""versionType"":""git""},{""lessThan"":""bd07a98178462e7a02ed2bf7dec90a00944c1da5"",""status"":""affected"",""version"":""aefd013624a10f39b0bfaee8432a235128705380"",""versionType"":""git""},{""status"":""affected"",""version"":""ffe8a87463c8bb885c42ed54540d06ed041e76dc"",""versionType"":""git""}]},{""defaultStatus"":""affected"",""product"":""Linux"",""programFiles"":[""drivers/net/ethernet/wangxun/libwx/wx_hw.c"",""drivers/net/ethernet/wangxun/libwx/wx_lib.c"",""drivers/net/ethernet/wangxun/libwx/wx_type.h"",""drivers/net/ethernet/wangxun/txgbe/txgbe_irq.c"",""drivers/net/ethernet/wangxun/txgbe/txgbe_irq.h"",""drivers/net/ethernet/wangxun/txgbe/txgbe_main.c""],""repo"":""https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"",""vendor"":""Linux"",""versions"":[{""status"":""affected"",""version"":""6.9""},{""lessThan"":""6.9"",""status"":""unaffected"",""version"":""0"",""versionType"":""semver""},{""lessThanOrEqual"":""6.9.*"",""status"":""unaffected"",""version"":""6.9.9"",""versionType"":""semver""},{""lessThanOrEqual"":""*"",""status"":""unaffected"",""version"":""6.10"",""versionType"":""original_commit_for_fix""}]}]",,"[{""nodes"":[{""cpeMatch"":[{""criteria"":""cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*"",""versionEndExcluding"":""6.9.9"",""versionStartIncluding"":""6.9"",""vulnerable"":true},{""criteria"":""cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*"",""versionEndExcluding"":""6.10"",""versionStartIncluding"":""6.9"",""vulnerable"":true},{""criteria"":""cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*"",""versionStartIncluding"":""6.8.12"",""vulnerable"":true}],""negate"":false,""operator"":""OR""}]}]",,,,"[{""lang"":""en"",""value"":""In the Linux kernel, the following vulnerability has been resolved:\n\nnet: txgbe: remove separate irq request for MSI and INTx\n\nWhen using MSI or INTx interrupts, request_irq() for pdev->irq will\nconflict with request_threaded_irq() for txgbe->misc.irq, to cause\nsystem crash. So remove txgbe_request_irq() for MSI/INTx case, and\nrename txgbe_request_msix_irqs() since it only request for queue irqs.\n\nAdd wx->misc_irq_domain to determine whether the driver creates an IRQ\ndomain and threaded request the IRQs.""}]",,,,,2025-05-04T12:57:47.297Z,416baaa9-dc9f-4396-8d5f-8c081fb06d67,Linux,"[{""url"":""https://git.kernel.org/stable/c/850103ebe6b062ee0ab0f6670205f861acc76ace""},{""url"":""https://git.kernel.org/stable/c/bd07a98178462e7a02ed2bf7dec90a00944c1da5""}]",,,,,,,,,,,,net: txgbe: remove separate irq request for MSI and INTx,,,bippy-1.2.0,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,416baaa9-dc9f-4396-8d5f-8c081fb06d67,Linux,CVE-2024-42150,2024-07-30T07:46:43.031Z,,2024-07-29T15:50:41.191Z,2025-05-04T12:57:47.297Z,PUBLISHED,CVE_RECORD,5.1,dbfs:/Volumes/workspace/default/assignment1/cve/json_files/2024_42xxx_CVE-2024-42150.json,2025-11-11T04:49:37.603Z
"[{""providerMetadata"":{""dateUpdated"":""2024-08-02T04:54:32.474Z"",""orgId"":""af854a3a-2127-422b-91ae-364da2661108"",""shortName"":""CVE""},""references"":[{""tags"":[""x_transferred""],""url"":""https://git.kernel.org/stable/c/7f79097b0de97a486b137b750d7dd7b20b519d23""},{""tags"":[""x_transferred""],""url"":""https://git.kernel.org/stable/c/1479eaff1f16983d8fda7c5a08a586c21891087d""}],""title"":""CVE Program Container""},{""metrics"":[{""other"":{""content"":{""id"":""CVE-2024-42151"",""options"":[{""Exploitation"":""none""},{""Automatable"":""no""},{""Technical Impact"":""partial""}],""role"":""CISA Coordinator"",""timestamp"":""2024-09-10T16:15:24.877493Z"",""version"":""2.0.3""},""type"":""ssvc""}}],""providerMetadata"":{""dateUpdated"":""2024-09-11T17:34:34.572Z"",""orgId"":""134c704f-9b21-4f2e-91b3-4a467353bcc0"",""shortName"":""CISA-ADP""},""title"":""CISA ADP Vulnrichment""}]","[{""defaultStatus"":""unaffected"",""product"":""Linux"",""programFiles"":[""net/bpf/bpf_dummy_struct_ops.c""],""repo"":""https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"",""vendor"":""Linux"",""versions"":[{""lessThan"":""7f79097b0de97a486b137b750d7dd7b20b519d23"",""status"":""affected"",""version"":""2cd3e3772e41377f32d6eea643e0590774e9187c"",""versionType"":""git""},{""lessThan"":""1479eaff1f16983d8fda7c5a08a586c21891087d"",""status"":""affected"",""version"":""2cd3e3772e41377f32d6eea643e0590774e9187c"",""versionType"":""git""}]},{""defaultStatus"":""affected"",""product"":""Linux"",""programFiles"":[""net/bpf/bpf_dummy_struct_ops.c""],""repo"":""https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"",""vendor"":""Linux"",""versions"":[{""status"":""affected"",""version"":""6.8""},{""lessThan"":""6.8"",""status"":""unaffected"",""version"":""0"",""versionType"":""semver""},{""lessThanOrEqual"":""6.9.*"",""status"":""unaffected"",""version"":""6.9.9"",""versionType"":""semver""},{""lessThanOrEqual"":""*"",""status"":""unaffected"",""version"":""6.10"",""versionType"":""original_commit_for_fix""}]}]",,"[{""nodes"":[{""cpeMatch"":[{""criteria"":""cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*"",""versionEndExcluding"":""6.9.9"",""versionStartIncluding"":""6.8"",""vulnerable"":true},{""criteria"":""cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*"",""versionEndExcluding"":""6.10"",""versionStartIncluding"":""6.8"",""vulnerable"":true}],""negate"":false,""operator"":""OR""}]}]",,,,"[{""lang"":""en"",""value"":""In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: mark bpf_dummy_struct_ops.test_1 parameter as nullable\n\nTest case dummy_st_ops/dummy_init_ret_value passes NULL as the first\nparameter of the test_1() function. Mark this parameter as nullable to\nmake verifier aware of such possibility.\nOtherwise, NULL check in the test_1() code:\n\n SEC(\""struct_ops/test_1\"")\n int BPF_PROG(test_1, struct bpf_dummy_ops_state *state)\n {\n if (!state)\n return ...;\n\n ... access state ...\n }\n\nMight be removed by verifier, thus triggering NULL pointer dereference\nunder certain conditions.""}]",,,,,2025-05-04T09:24:13.803Z,416baaa9-dc9f-4396-8d5f-8c081fb06d67,Linux,"[{""url"":""https://git.kernel.org/stable/c/7f79097b0de97a486b137b750d7dd7b20b519d23""},{""url"":""https://git.kernel.org/stable/c/1479eaff1f16983d8fda7c5a08a586c21891087d""}]",,,,,,,,,,,,bpf: mark bpf_dummy_struct_ops.test_1 parameter as nullable,,,bippy-1.2.0,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,416baaa9-dc9f-4396-8d5f-8c081fb06d67,Linux,CVE-2024-42151,2024-07-30T07:46:43.969Z,,2024-07-29T15:50:41.193Z,2025-05-04T09:24:13.803Z,PUBLISHED,CVE_RECORD,5.1,dbfs:/Volumes/workspace/default/assignment1/cve/json_files/2024_42xxx_CVE-2024-42151.json,2025-11-11T04:49:37.603Z
"[{""providerMetadata"":{""dateUpdated"":""2025-11-03T22:02:15.586Z"",""orgId"":""af854a3a-2127-422b-91ae-364da2661108"",""shortName"":""CVE""},""references"":[{""tags"":[""x_transferred""],""url"":""https://git.kernel.org/stable/c/2f3c22b1d3d7e86712253244797a651998c141fa""},{""tags"":[""x_transferred""],""url"":""https://git.kernel.org/stable/c/b4fed1443a6571d49c6ffe7d97af3bbe5ee6dff5""},{""tags"":[""x_transferred""],""url"":""https://git.kernel.org/stable/c/940a71f08ef153ef807f751310b0648d1fa5d0da""},{""tags"":[""x_transferred""],""url"":""https://git.kernel.org/stable/c/5502c1f1d0d7472706cc1f201aecf1c935d302d1""},{""tags"":[""x_transferred""],""url"":""https://git.kernel.org/stable/c/818004f2a380420c19872171be716174d4985e33""},{""tags"":[""x_transferred""],""url"":""https://git.kernel.org/stable/c/c758b77d4a0a0ed3a1292b3fd7a2aeccd1a169a4""},{""url"":""https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html""}],""title"":""CVE Program Container""},{""metrics"":[{""other"":{""content"":{""id"":""CVE-2024-42152"",""options"":[{""Exploitation"":""none""},{""Automatable"":""no""},{""Technical Impact"":""partial""}],""role"":""CISA Coordinator"",""timestamp"":""2024-09-10T16:15:21.603444Z"",""version"":""2.0.3""},""type"":""ssvc""}}],""providerMetadata"":{""dateUpdated"":""2024-09-11T17:34:34.451Z"",""orgId"":""134c704f-9b21-4f2e-91b3-4a467353bcc0"",""shortName"":""CISA-ADP""},""title"":""CISA ADP Vulnrichment""}]","[{""defaultStatus"":""unaffected"",""product"":""Linux"",""programFiles"":[""drivers/nvme/target/core.c""],""repo"":""https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"",""vendor"":""Linux"",""versions"":[{""lessThan"":""2f3c22b1d3d7e86712253244797a651998c141fa"",""status"":""affected"",""version"":""0f5be6a4ff7b3f8bf3db15f904e3e76797a43d9a"",""versionType"":""git""},{""lessThan"":""b4fed1443a6571d49c6ffe7d97af3bbe5ee6dff5"",""status"":""affected"",""version"":""0f5be6a4ff7b3f8bf3db15f904e3e76797a43d9a"",""versionType"":""git""},{""lessThan"":""940a71f08ef153ef807f751310b0648d1fa5d0da"",""status"":""affected"",""version"":""0f5be6a4ff7b3f8bf3db15f904e3e76797a43d9a"",""versionType"":""git""},{""lessThan"":""5502c1f1d0d7472706cc1f201aecf1c935d302d1"",""status"":""affected"",""version"":""0f5be6a4ff7b3f8bf3db15f904e3e76797a43d9a"",""versionType"":""git""},{""lessThan"":""818004f2a380420c19872171be716174d4985e33"",""status"":""affected"",""version"":""0f5be6a4ff7b3f8bf3db15f904e3e76797a43d9a"",""versionType"":""git""},{""lessThan"":""c758b77d4a0a0ed3a1292b3fd7a2aeccd1a169a4"",""status"":""affected"",""version"":""0f5be6a4ff7b3f8bf3db15f904e3e76797a43d9a"",""versionType"":""git""}]},{""defaultStatus"":""affected"",""product"":""Linux"",""programFiles"":[""drivers/nvme/target/core.c""],""repo"":""https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"",""vendor"":""Linux"",""versions"":[{""status"":""affected"",""version"":""5.6""},{""lessThan"":""5.6"",""status"":""unaffected"",""version"":""0"",""versionType"":""semver""},{""lessThanOrEqual"":""5.10.*"",""status"":""unaffected"",""version"":""5.10.222"",""versionType"":""semver""},{""lessThanOrEqual"":""5.15.*"",""status"":""unaffected"",""version"":""5.15.163"",""versionType"":""semver""},{""lessThanOrEqual"":""6.1.*"",""status"":""unaffected"",""version"":""6.1.98"",""versionType"":""semver""},{""lessThanOrEqual"":""6.6.*"",""status"":""unaffected"",""version"":""6.6.39"",""versionType"":""semver""},{""lessThanOrEqual"":""6.9.*"",""status"":""unaffected"",""version"":""6.9.9"",""versionType"":""semver""},{""lessThanOrEqual"":""*"",""status"":""unaffected"",""version"":""6.10"",""versionType"":""original_commit_for_fix""}]}]",,"[{""nodes"":[{""cpeMatch"":[{""criteria"":""cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*"",""versionEndExcluding"":""5.10.222"",""versionStartIncluding"":""5.6"",""vulnerable"":true},{""criteria"":""cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*"",""versionEndExcluding"":""5.15.163"",""versionStartIncluding"":""5.6"",""vulnerable"":true},{""criteria"":""cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*"",""versionEndExcluding"":""6.1.98"",""versionStartIncluding"":""5.6"",""vulnerable"":true},{""criteria"":""cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*"",""versionEndExcluding"":""6.6.39"",""versionStartIncluding"":""5.6"",""vulnerable"":true},{""criteria"":""cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*"",""versionEndExcluding"":""6.9.9"",""versionStartIncluding"":""5.6"",""vulnerable"":true},{""criteria"":""cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*"",""versionEndExcluding"":""6.10"",""versionStartIncluding"":""5.6"",""vulnerable"":true}],""negate"":false,""operator"":""OR""}]}]",,,,"[{""lang"":""en"",""value"":""In the Linux kernel, the following vulnerability has been resolved:\n\nnvmet: fix a possible leak when destroy a ctrl during qp establishment\n\nIn nvmet_sq_destroy we capture sq->ctrl early and if it is non-NULL we\nknow that a ctrl was allocated (in the admin connect request handler)\nand we need to release pending AERs, clear ctrl->sqs and sq->ctrl\n(for nvme-loop primarily), and drop the final reference on the ctrl.\n\nHowever, a small window is possible where nvmet_sq_destroy starts (as\na result of the client giving up and disconnecting) concurrently with\nthe nvme admin connect cmd (which may be in an early stage). But *before*\nkill_and_confirm of sq->ref (i.e. the admin connect managed to get an sq\nlive reference). In this case, sq->ctrl was allocated however after it was\ncaptured in a local variable in nvmet_sq_destroy.\nThis prevented the final reference drop on the ctrl.\n\nSolve this by re-capturing the sq->ctrl after all inflight request has\ncompleted, where for sure sq->ctrl reference is final, and move forward\nbased on that.\n\nThis issue was observed in an environment with many hosts connecting\nmultiple ctrls simoutanuosly, creating a delay in allocating a ctrl\nleading up to this race window.""}]",,,,,2025-06-19T12:56:36.697Z,416baaa9-dc9f-4396-8d5f-8c081fb06d67,Linux,"[{""url"":""https://git.kernel.org/stable/c/2f3c22b1d3d7e86712253244797a651998c141fa""},{""url"":""https://git.kernel.org/stable/c/b4fed1443a6571d49c6ffe7d97af3bbe5ee6dff5""},{""url"":""https://git.kernel.org/stable/c/940a71f08ef153ef807f751310b0648d1fa5d0da""},{""url"":""https://git.kernel.org/stable/c/5502c1f1d0d7472706cc1f201aecf1c935d302d1""},{""url"":""https://git.kernel.org/stable/c/818004f2a380420c19872171be716174d4985e33""},{""url"":""https://git.kernel.org/stable/c/c758b77d4a0a0ed3a1292b3fd7a2aeccd1a169a4""}]",,,,,,,,,,,,nvmet: fix a possible leak when destroy a ctrl during qp establishment,,,bippy-1.2.0,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,416baaa9-dc9f-4396-8d5f-8c081fb06d67,Linux,CVE-2024-42152,2024-07-30T07:46:44.795Z,,2024-07-29T15:50:41.193Z,2025-11-03T22:02:15.586Z,PUBLISHED,CVE_RECORD,5.2,dbfs:/Volumes/workspace/default/assignment1/cve/json_files/2024_42xxx_CVE-2024-42152.json,2025-11-11T04:49:37.603Z
"[{""providerMetadata"":{""dateUpdated"":""2025-11-03T22:02:17.048Z"",""orgId"":""af854a3a-2127-422b-91ae-364da2661108"",""shortName"":""CVE""},""references"":[{""tags"":[""x_transferred""],""url"":""https://git.kernel.org/stable/c/a349e5ab4dc9954746e836cd10b407ce48f9b2f6""},{""tags"":[""x_transferred""],""url"":""https://git.kernel.org/stable/c/effe0500afda017a86c94482b1e36bc37586c9af""},{""tags"":[""x_transferred""],""url"":""https://git.kernel.org/stable/c/2849a1b747cf37aa5b684527104d3a53f1e296d2""},{""tags"":[""x_transferred""],""url"":""https://git.kernel.org/stable/c/3503372d0bf7b324ec0bd6b90606703991426176""},{""tags"":[""x_transferred""],""url"":""https://git.kernel.org/stable/c/3d32327f5cfc087ee3922a3bcdcc29880dcdb50f""},{""tags"":[""x_transferred""],""url"":""https://git.kernel.org/stable/c/92e494a7568b60ae80d57fc0deafcaf3a4029ab3""},{""tags"":[""x_transferred""],""url"":""https://git.kernel.org/stable/c/27cd3873fa76ebeb9f948baae40cb9a6d8692289""},{""tags"":[""x_transferred""],""url"":""https://git.kernel.org/stable/c/f63b94be6942ba82c55343e196bd09b53227618e""},{""url"":""https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html""}],""title"":""CVE Program Container""},{""metrics"":[{""other"":{""content"":{""id"":""CVE-2024-42153"",""options"":[{""Exploitation"":""none""},{""Automatable"":""no""},{""Technical Impact"":""partial""}],""role"":""CISA Coordinator"",""timestamp"":""2024-09-10T16:15:18.348339Z"",""version"":""2.0.3""},""type"":""ssvc""}}],""providerMetadata"":{""dateUpdated"":""2024-09-11T17:34:34.334Z"",""orgId"":""134c704f-9b21-4f2e-91b3-4a467353bcc0"",""shortName"":""CISA-ADP""},""title"":""CISA ADP Vulnrichment""}]","[{""defaultStatus"":""unaffected"",""product"":""Linux"",""programFiles"":[""drivers/i2c/busses/i2c-pnx.c""],""repo"":""https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"",""vendor"":""Linux"",""versions"":[{""lessThan"":""a349e5ab4dc9954746e836cd10b407ce48f9b2f6"",""status"":""affected"",""version"":""41561f28e76a47dc6de0a954da85d0b5c42874eb"",""versionType"":""git""},{""lessThan"":""effe0500afda017a86c94482b1e36bc37586c9af"",""status"":""affected"",""version"":""41561f28e76a47dc6de0a954da85d0b5c42874eb"",""versionType"":""git""},{""lessThan"":""2849a1b747cf37aa5b684527104d3a53f1e296d2"",""status"":""affected"",""version"":""41561f28e76a47dc6de0a954da85d0b5c42874eb"",""versionType"":""git""},{""lessThan"":""3503372d0bf7b324ec0bd6b90606703991426176"",""status"":""affected"",""version"":""41561f28e76a47dc6de0a954da85d0b5c42874eb"",""versionType"":""git""},{""lessThan"":""3d32327f5cfc087ee3922a3bcdcc29880dcdb50f"",""status"":""affected"",""version"":""41561f28e76a47dc6de0a954da85d0b5c42874eb"",""versionType"":""git""},{""lessThan"":""92e494a7568b60ae80d57fc0deafcaf3a4029ab3"",""status"":""affected"",""version"":""41561f28e76a47dc6de0a954da85d0b5c42874eb"",""versionType"":""git""},{""lessThan"":""27cd3873fa76ebeb9f948baae40cb9a6d8692289"",""status"":""affected"",""version"":""41561f28e76a47dc6de0a954da85d0b5c42874eb"",""versionType"":""git""},{""lessThan"":""f63b94be6942ba82c55343e196bd09b53227618e"",""status"":""affected"",""version"":""41561f28e76a47dc6de0a954da85d0b5c42874eb"",""versionType"":""git""}]},{""defaultStatus"":""affected"",""product"":""Linux"",""programFiles"":[""drivers/i2c/busses/i2c-pnx.c""],""repo"":""https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"",""vendor"":""Linux"",""versions"":[{""status"":""affected"",""version"":""2.6.20""},{""lessThan"":""2.6.20"",""status"":""unaffected"",""version"":""0"",""versionType"":""semver""},{""lessThanOrEqual"":""4.19.*"",""status"":""unaffected"",""version"":""4.19.318"",""versionType"":""semver""},{""lessThanOrEqual"":""5.4.*"",""status"":""unaffected"",""version"":""5.4.280"",""versionType"":""semver""},{""lessThanOrEqual"":""5.10.*"",""status"":""unaffected"",""version"":""5.10.222"",""versionType"":""semver""},{""lessThanOrEqual"":""5.15.*"",""status"":""unaffected"",""version"":""5.15.163"",""versionType"":""semver""},{""lessThanOrEqual"":""6.1.*"",""status"":""unaffected"",""version"":""6.1.98"",""versionType"":""semver""},{""lessThanOrEqual"":""6.6.*"",""status"":""unaffected"",""version"":""6.6.39"",""versionType"":""semver""},{""lessThanOrEqual"":""6.9.*"",""status"":""unaffected"",""version"":""6.9.9"",""versionType"":""semver""},{""lessThanOrEqual"":""*"",""status"":""unaffected"",""version"":""6.10"",""versionType"":""original_commit_for_fix""}]}]",,"[{""nodes"":[{""cpeMatch"":[{""criteria"":""cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*"",""versionEndExcluding"":""4.19.318"",""versionStartIncluding"":""2.6.20"",""vulnerable"":true},{""criteria"":""cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*"",""versionEndExcluding"":""5.4.280"",""versionStartIncluding"":""2.6.20"",""vulnerable"":true},{""criteria"":""cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*"",""versionEndExcluding"":""5.10.222"",""versionStartIncluding"":""2.6.20"",""vulnerable"":true},{""criteria"":""cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*"",""versionEndExcluding"":""5.15.163"",""versionStartIncluding"":""2.6.20"",""vulnerable"":true},{""criteria"":""cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*"",""versionEndExcluding"":""6.1.98"",""versionStartIncluding"":""2.6.20"",""vulnerable"":true},{""criteria"":""cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*"",""versionEndExcluding"":""6.6.39"",""versionStartIncluding"":""2.6.20"",""vulnerable"":true},{""criteria"":""cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*"",""versionEndExcluding"":""6.9.9"",""versionStartIncluding"":""2.6.20"",""vulnerable"":true},{""criteria"":""cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*"",""versionEndExcluding"":""6.10"",""versionStartIncluding"":""2.6.20"",""vulnerable"":true}],""negate"":false,""operator"":""OR""}]}]",,,,"[{""lang"":""en"",""value"":""In the Linux kernel, the following vulnerability has been resolved:\n\ni2c: pnx: Fix potential deadlock warning from del_timer_sync() call in isr\n\nWhen del_timer_sync() is called in an interrupt context it throws a warning\nbecause of potential deadlock. The timer is used only to exit from\nwait_for_completion() after a timeout so replacing the call with\nwait_for_completion_timeout() allows to remove the problematic timer and\nits related functions altogether.""}]",,,,,2025-05-04T09:24:16.422Z,416baaa9-dc9f-4396-8d5f-8c081fb06d67,Linux,"[{""url"":""https://git.kernel.org/stable/c/a349e5ab4dc9954746e836cd10b407ce48f9b2f6""},{""url"":""https://git.kernel.org/stable/c/effe0500afda017a86c94482b1e36bc37586c9af""},{""url"":""https://git.kernel.org/stable/c/2849a1b747cf37aa5b684527104d3a53f1e296d2""},{""url"":""https://git.kernel.org/stable/c/3503372d0bf7b324ec0bd6b90606703991426176""},{""url"":""https://git.kernel.org/stable/c/3d32327f5cfc087ee3922a3bcdcc29880dcdb50f""},{""url"":""https://git.kernel.org/stable/c/92e494a7568b60ae80d57fc0deafcaf3a4029ab3""},{""url"":""https://git.kernel.org/stable/c/27cd3873fa76ebeb9f948baae40cb9a6d8692289""},{""url"":""https://git.kernel.org/stable/c/f63b94be6942ba82c55343e196bd09b53227618e""}]",,,,,,,,,,,,i2c: pnx: Fix potential deadlock warning from del_timer_sync() call in isr,,,bippy-1.2.0,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,416baaa9-dc9f-4396-8d5f-8c081fb06d67,Linux,CVE-2024-42153,2024-07-30T07:46:45.724Z,,2024-07-29T15:50:41.193Z,2025-11-03T22:02:17.048Z,PUBLISHED,CVE_RECORD,5.2,dbfs:/Volumes/workspace/default/assignment1/cve/json_files/2024_42xxx_CVE-2024-42153.json,2025-11-11T04:49:37.603Z
"[{""providerMetadata"":{""dateUpdated"":""2025-11-03T22:02:18.507Z"",""orgId"":""af854a3a-2127-422b-91ae-364da2661108"",""shortName"":""CVE""},""references"":[{""tags"":[""x_transferred""],""url"":""https://git.kernel.org/stable/c/19d997b59fa1fd7a02e770ee0881c0652b9c32c9""},{""tags"":[""x_transferred""],""url"":""https://git.kernel.org/stable/c/2a2e79dbe2236a1289412d2044994f7ab419b44c""},{""tags"":[""x_transferred""],""url"":""https://git.kernel.org/stable/c/cdffc358717e436bb67122bb82c1a2a26e050f98""},{""tags"":[""x_transferred""],""url"":""https://git.kernel.org/stable/c/ef7c428b425beeb52b894e16f1c4b629d6cebfb6""},{""tags"":[""x_transferred""],""url"":""https://git.kernel.org/stable/c/31f03bb04146c1c6df6c03e9f45401f5f5a985d3""},{""tags"":[""x_transferred""],""url"":""https://git.kernel.org/stable/c/8c2debdd170e395934ac0e039748576dfde14e99""},{""tags"":[""x_transferred""],""url"":""https://git.kernel.org/stable/c/3d550dd5418729a6e77fe7721d27adea7152e321""},{""tags"":[""x_transferred""],""url"":""https://git.kernel.org/stable/c/66be40e622e177316ae81717aa30057ba9e61dff""},{""url"":""https://security.netapp.com/advisory/ntap-20240828-0010/""},{""url"":""http://www.openwall.com/lists/oss-security/2024/09/24/3""},{""url"":""http://www.openwall.com/lists/oss-security/2024/09/24/4""},{""url"":""http://www.openwall.com/lists/oss-security/2024/09/25/3""},{""url"":""https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html""}],""title"":""CVE Program Container""},{""metrics"":[{""other"":{""content"":{""id"":""CVE-2024-42154"",""options"":[{""Exploitation"":""none""},{""Automatable"":""no""},{""Technical Impact"":""partial""}],""role"":""CISA Coordinator"",""timestamp"":""2024-09-10T16:15:15.159948Z"",""version"":""2.0.3""},""type"":""ssvc""}}],""providerMetadata"":{""dateUpdated"":""2024-09-11T17:34:34.227Z"",""orgId"":""134c704f-9b21-4f2e-91b3-4a467353bcc0"",""shortName"":""CISA-ADP""},""title"":""CISA ADP Vulnrichment""}]","[{""defaultStatus"":""unaffected"",""product"":""Linux"",""programFiles"":[""net/ipv4/tcp_metrics.c""],""repo"":""https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"",""vendor"":""Linux"",""versions"":[{""lessThan"":""19d997b59fa1fd7a02e770ee0881c0652b9c32c9"",""status"":""affected"",""version"":""3e7013ddf55af7bc191792b8aea0c2b94fb0fef5"",""versionType"":""git""},{""lessThan"":""2a2e79dbe2236a1289412d2044994f7ab419b44c"",""status"":""affected"",""version"":""3e7013ddf55af7bc191792b8aea0c2b94fb0fef5"",""versionType"":""git""},{""lessThan"":""cdffc358717e436bb67122bb82c1a2a26e050f98"",""status"":""affected"",""version"":""3e7013ddf55af7bc191792b8aea0c2b94fb0fef5"",""versionType"":""git""},{""lessThan"":""ef7c428b425beeb52b894e16f1c4b629d6cebfb6"",""status"":""affected"",""version"":""3e7013ddf55af7bc191792b8aea0c2b94fb0fef5"",""versionType"":""git""},{""lessThan"":""31f03bb04146c1c6df6c03e9f45401f5f5a985d3"",""status"":""affected"",""version"":""3e7013ddf55af7bc191792b8aea0c2b94fb0fef5"",""versionType"":""git""},{""lessThan"":""8c2debdd170e395934ac0e039748576dfde14e99"",""status"":""affected"",""version"":""3e7013ddf55af7bc191792b8aea0c2b94fb0fef5"",""versionType"":""git""},{""lessThan"":""3d550dd5418729a6e77fe7721d27adea7152e321"",""status"":""affected"",""version"":""3e7013ddf55af7bc191792b8aea0c2b94fb0fef5"",""versionType"":""git""},{""lessThan"":""66be40e622e177316ae81717aa30057ba9e61dff"",""status"":""affected"",""version"":""3e7013ddf55af7bc191792b8aea0c2b94fb0fef5"",""versionType"":""git""}]},{""defaultStatus"":""affected"",""product"":""Linux"",""programFiles"":[""net/ipv4/tcp_metrics.c""],""repo"":""https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"",""vendor"":""Linux"",""versions"":[{""status"":""affected"",""version"":""3.14""},{""lessThan"":""3.14"",""status"":""unaffected"",""version"":""0"",""versionType"":""semver""},{""lessThanOrEqual"":""4.19.*"",""status"":""unaffected"",""version"":""4.19.318"",""versionType"":""semver""},{""lessThanOrEqual"":""5.4.*"",""status"":""unaffected"",""version"":""5.4.280"",""versionType"":""semver""},{""lessThanOrEqual"":""5.10.*"",""status"":""unaffected"",""version"":""5.10.222"",""versionType"":""semver""},{""lessThanOrEqual"":""5.15.*"",""status"":""unaffected"",""version"":""5.15.163"",""versionType"":""semver""},{""lessThanOrEqual"":""6.1.*"",""status"":""unaffected"",""version"":""6.1.98"",""versionType"":""semver""},{""lessThanOrEqual"":""6.6.*"",""status"":""unaffected"",""version"":""6.6.39"",""versionType"":""semver""},{""lessThanOrEqual"":""6.9.*"",""status"":""unaffected"",""version"":""6.9.9"",""versionType"":""semver""},{""lessThanOrEqual"":""*"",""status"":""unaffected"",""version"":""6.10"",""versionType"":""original_commit_for_fix""}]}]",,"[{""nodes"":[{""cpeMatch"":[{""criteria"":""cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*"",""versionEndExcluding"":""4.19.318"",""versionStartIncluding"":""3.14"",""vulnerable"":true},{""criteria"":""cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*"",""versionEndExcluding"":""5.4.280"",""versionStartIncluding"":""3.14"",""vulnerable"":true},{""criteria"":""cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*"",""versionEndExcluding"":""5.10.222"",""versionStartIncluding"":""3.14"",""vulnerable"":true},{""criteria"":""cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*"",""versionEndExcluding"":""5.15.163"",""versionStartIncluding"":""3.14"",""vulnerable"":true},{""criteria"":""cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*"",""versionEndExcluding"":""6.1.98"",""versionStartIncluding"":""3.14"",""vulnerable"":true},{""criteria"":""cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*"",""versionEndExcluding"":""6.6.39"",""versionStartIncluding"":""3.14"",""vulnerable"":true},{""criteria"":""cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*"",""versionEndExcluding"":""6.9.9"",""versionStartIncluding"":""3.14"",""vulnerable"":true},{""criteria"":""cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*"",""versionEndExcluding"":""6.10"",""versionStartIncluding"":""3.14"",""vulnerable"":true}],""negate"":false,""operator"":""OR""}]}]",,,,"[{""lang"":""en"",""value"":""In the Linux kernel, the following vulnerability has been resolved:\n\ntcp_metrics: validate source addr length\n\nI don't see anything checking that TCP_METRICS_ATTR_SADDR_IPV4\nis at least 4 bytes long, and the policy doesn't have an entry\nfor this attribute at all (neither does it for IPv6 but v6 is\nmanually validated).""}]",,,,,2025-05-04T09:24:17.764Z,416baaa9-dc9f-4396-8d5f-8c081fb06d67,Linux,"[{""url"":""https://git.kernel.org/stable/c/19d997b59fa1fd7a02e770ee0881c0652b9c32c9""},{""url"":""https://git.kernel.org/stable/c/2a2e79dbe2236a1289412d2044994f7ab419b44c""},{""url"":""https://git.kernel.org/stable/c/cdffc358717e436bb67122bb82c1a2a26e050f98""},{""url"":""https://git.kernel.org/stable/c/ef7c428b425beeb52b894e16f1c4b629d6cebfb6""},{""url"":""https://git.kernel.org/stable/c/31f03bb04146c1c6df6c03e9f45401f5f5a985d3""},{""url"":""https://git.kernel.org/stable/c/8c2debdd170e395934ac0e039748576dfde14e99""},{""url"":""https://git.kernel.org/stable/c/3d550dd5418729a6e77fe7721d27adea7152e321""},{""url"":""https://git.kernel.org/stable/c/66be40e622e177316ae81717aa30057ba9e61dff""}]",,,,,,,,,,,,tcp_metrics: validate source addr length,,,bippy-1.2.0,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,416baaa9-dc9f-4396-8d5f-8c081fb06d67,Linux,CVE-2024-42154,2024-07-30T07:46:51.456Z,,2024-07-29T15:50:41.194Z,2025-11-03T22:02:18.507Z,PUBLISHED,CVE_RECORD,5.2,dbfs:/Volumes/workspace/default/assignment1/cve/json_files/2024_42xxx_CVE-2024-42154.json,2025-11-11T04:49:37.603Z
"[{""providerMetadata"":{""dateUpdated"":""2024-08-02T04:54:32.564Z"",""orgId"":""af854a3a-2127-422b-91ae-364da2661108"",""shortName"":""CVE""},""references"":[{""tags"":[""x_transferred""],""url"":""https://git.kernel.org/stable/c/c746f7ced4ad88ee48d0b6c92710e4674403185b""},{""tags"":[""x_transferred""],""url"":""https://git.kernel.org/stable/c/f2ebdadd85af4f4d0cae1e5d009c70eccc78c207""}],""title"":""CVE Program Container""},{""metrics"":[{""other"":{""content"":{""id"":""CVE-2024-42155"",""options"":[{""Exploitation"":""none""},{""Automatable"":""no""},{""Technical Impact"":""partial""}],""role"":""CISA Coordinator"",""timestamp"":""2024-09-10T16:15:11.881394Z"",""version"":""2.0.3""},""type"":""ssvc""}}],""providerMetadata"":{""dateUpdated"":""2024-09-11T17:33:08.077Z"",""orgId"":""134c704f-9b21-4f2e-91b3-4a467353bcc0"",""shortName"":""CISA-ADP""},""title"":""CISA ADP Vulnrichment""}]","[{""defaultStatus"":""unaffected"",""product"":""Linux"",""programFiles"":[""drivers/s390/crypto/pkey_api.c""],""repo"":""https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"",""vendor"":""Linux"",""versions"":[{""lessThan"":""c746f7ced4ad88ee48d0b6c92710e4674403185b"",""status"":""affected"",""version"":""e80d4af0a320972aac58e2004d0ba4e44ef4c5c7"",""versionType"":""git""},{""lessThan"":""f2ebdadd85af4f4d0cae1e5d009c70eccc78c207"",""status"":""affected"",""version"":""e80d4af0a320972aac58e2004d0ba4e44ef4c5c7"",""versionType"":""git""}]},{""defaultStatus"":""affected"",""product"":""Linux"",""programFiles"":[""drivers/s390/crypto/pkey_api.c""],""repo"":""https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"",""vendor"":""Linux"",""versions"":[{""status"":""affected"",""version"":""4.11""},{""lessThan"":""4.11"",""status"":""unaffected"",""version"":""0"",""versionType"":""semver""},{""lessThanOrEqual"":""6.9.*"",""status"":""unaffected"",""version"":""6.9.9"",""versionType"":""semver""},{""lessThanOrEqual"":""*"",""status"":""unaffected"",""version"":""6.10"",""versionType"":""original_commit_for_fix""}]}]",,"[{""nodes"":[{""cpeMatch"":[{""criteria"":""cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*"",""versionEndExcluding"":""6.9.9"",""versionStartIncluding"":""4.11"",""vulnerable"":true},{""criteria"":""cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*"",""versionEndExcluding"":""6.10"",""versionStartIncluding"":""4.11"",""vulnerable"":true}],""negate"":false,""operator"":""OR""}]}]",,,,"[{""lang"":""en"",""value"":""In the Linux kernel, the following vulnerability has been resolved:\n\ns390/pkey: Wipe copies of protected- and secure-keys\n\nAlthough the clear-key of neither protected- nor secure-keys is\naccessible, this key material should only be visible to the calling\nprocess. So wipe all copies of protected- or secure-keys from stack,\neven in case of an error.""}]",,,,,2025-05-04T09:24:19.111Z,416baaa9-dc9f-4396-8d5f-8c081fb06d67,Linux,"[{""url"":""https://git.kernel.org/stable/c/c746f7ced4ad88ee48d0b6c92710e4674403185b""},{""url"":""https://git.kernel.org/stable/c/f2ebdadd85af4f4d0cae1e5d009c70eccc78c207""}]",,,,,,,,,,,,s390/pkey: Wipe copies of protected- and secure-keys,,,bippy-1.2.0,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,416baaa9-dc9f-4396-8d5f-8c081fb06d67,Linux,CVE-2024-42155,2024-07-30T07:46:57.729Z,,2024-07-29T15:50:41.194Z,2025-05-04T09:24:19.111Z,PUBLISHED,CVE_RECORD,5.1,dbfs:/Volumes/workspace/default/assignment1/cve/json_files/2024_42xxx_CVE-2024-42155.json,2025-11-11T04:49:37.603Z
"[{""providerMetadata"":{""dateUpdated"":""2024-08-02T04:54:32.172Z"",""orgId"":""af854a3a-2127-422b-91ae-364da2661108"",""shortName"":""CVE""},""references"":[{""tags"":[""x_transferred""],""url"":""https://git.kernel.org/stable/c/7f6243edd901b75aaece326c90a1cc0dcb60cc3d""},{""tags"":[""x_transferred""],""url"":""https://git.kernel.org/stable/c/d65d76a44ffe74c73298ada25b0f578680576073""}],""title"":""CVE Program Container""},{""metrics"":[{""other"":{""content"":{""id"":""CVE-2024-42156"",""options"":[{""Exploitation"":""none""},{""Automatable"":""no""},{""Technical Impact"":""partial""}],""role"":""CISA Coordinator"",""timestamp"":""2024-09-10T16:15:08.677401Z"",""version"":""2.0.3""},""type"":""ssvc""}}],""providerMetadata"":{""dateUpdated"":""2024-09-11T17:34:34.120Z"",""orgId"":""134c704f-9b21-4f2e-91b3-4a467353bcc0"",""shortName"":""CISA-ADP""},""title"":""CISA ADP Vulnrichment""}]","[{""defaultStatus"":""unaffected"",""product"":""Linux"",""programFiles"":[""drivers/s390/crypto/pkey_api.c""],""repo"":""https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"",""vendor"":""Linux"",""versions"":[{""lessThan"":""a891938947f4427f98cb1ce54f27223501efe750"",""status"":""affected"",""version"":""f2bbc96e7cfad3891b7bf9bd3e566b9b7ab4553d"",""versionType"":""git""},{""lessThan"":""7f6243edd901b75aaece326c90a1cc0dcb60cc3d"",""status"":""affected"",""version"":""f2bbc96e7cfad3891b7bf9bd3e566b9b7ab4553d"",""versionType"":""git""},{""lessThan"":""d65d76a44ffe74c73298ada25b0f578680576073"",""status"":""affected"",""version"":""f2bbc96e7cfad3891b7bf9bd3e566b9b7ab4553d"",""versionType"":""git""}]},{""defaultStatus"":""affected"",""product"":""Linux"",""programFiles"":[""drivers/s390/crypto/pkey_api.c""],""repo"":""https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"",""vendor"":""Linux"",""versions"":[{""status"":""affected"",""version"":""5.4""},{""lessThan"":""5.4"",""status"":""unaffected"",""version"":""0"",""versionType"":""semver""},{""lessThanOrEqual"":""6.6.*"",""status"":""unaffected"",""version"":""6.6.64"",""versionType"":""semver""},{""lessThanOrEqual"":""6.9.*"",""status"":""unaffected"",""version"":""6.9.9"",""versionType"":""semver""},{""lessThanOrEqual"":""*"",""status"":""unaffected"",""version"":""6.10"",""versionType"":""original_commit_for_fix""}]}]",,"[{""nodes"":[{""cpeMatch"":[{""criteria"":""cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*"",""versionEndExcluding"":""6.6.64"",""versionStartIncluding"":""5.4"",""vulnerable"":true},{""criteria"":""cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*"",""versionEndExcluding"":""6.9.9"",""versionStartIncluding"":""5.4"",""vulnerable"":true},{""criteria"":""cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*"",""versionEndExcluding"":""6.10"",""versionStartIncluding"":""5.4"",""vulnerable"":true}],""negate"":false,""operator"":""OR""}]}]",,,,"[{""lang"":""en"",""value"":""In the Linux kernel, the following vulnerability has been resolved:\n\ns390/pkey: Wipe copies of clear-key structures on failure\n\nWipe all sensitive data from stack for all IOCTLs, which convert a\nclear-key into a protected- or secure-key.""}]",,,,,2025-05-20T14:27:36.396Z,416baaa9-dc9f-4396-8d5f-8c081fb06d67,Linux,"[{""url"":""https://git.kernel.org/stable/c/a891938947f4427f98cb1ce54f27223501efe750""},{""url"":""https://git.kernel.org/stable/c/7f6243edd901b75aaece326c90a1cc0dcb60cc3d""},{""url"":""https://git.kernel.org/stable/c/d65d76a44ffe74c73298ada25b0f578680576073""}]",,,,,,,,,,,,s390/pkey: Wipe copies of clear-key structures on failure,,,bippy-1.2.0,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,416baaa9-dc9f-4396-8d5f-8c081fb06d67,Linux,CVE-2024-42156,2024-07-30T07:46:58.513Z,,2024-07-29T15:50:41.194Z,2025-05-20T14:27:36.396Z,PUBLISHED,CVE_RECORD,5.1,dbfs:/Volumes/workspace/default/assignment1/cve/json_files/2024_42xxx_CVE-2024-42156.json,2025-11-11T04:49:37.603Z
"[{""providerMetadata"":{""dateUpdated"":""2025-11-03T22:02:19.958Z"",""orgId"":""af854a3a-2127-422b-91ae-364da2661108"",""shortName"":""CVE""},""references"":[{""tags"":[""x_transferred""],""url"":""https://git.kernel.org/stable/c/6e2e374403bf73140d0efc9541cb1b3bea55ac02""},{""tags"":[""x_transferred""],""url"":""https://git.kernel.org/stable/c/b5eb9176ebd4697bc248bf8d145e66d782cf5250""},{""tags"":[""x_transferred""],""url"":""https://git.kernel.org/stable/c/93c034c4314bc4c4450a3869cd5da298502346ad""},{""tags"":[""x_transferred""],""url"":""https://git.kernel.org/stable/c/4889f117755b2f18c23045a0f57977f3ec130581""},{""tags"":[""x_transferred""],""url"":""https://git.kernel.org/stable/c/c51795885c801b6b7e976717e0d6d45b1e5be0f0""},{""tags"":[""x_transferred""],""url"":""https://git.kernel.org/stable/c/90a01aefb84b09ccb6024d75d85bb8f620bd3487""},{""tags"":[""x_transferred""],""url"":""https://git.kernel.org/stable/c/c44a2151e5d21c66b070a056c26471f30719b575""},{""tags"":[""x_transferred""],""url"":""https://git.kernel.org/stable/c/1d8c270de5eb74245d72325d285894a577a945d9""},{""url"":""https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html""}],""title"":""CVE Program Container""},{""metrics"":[{""other"":{""content"":{""id"":""CVE-2024-42157"",""options"":[{""Exploitation"":""none""},{""Automatable"":""no""},{""Technical Impact"":""partial""}],""role"":""CISA Coordinator"",""timestamp"":""2024-09-10T16:15:05.289606Z"",""version"":""2.0.3""},""type"":""ssvc""}}],""providerMetadata"":{""dateUpdated"":""2024-09-11T17:34:34.008Z"",""orgId"":""134c704f-9b21-4f2e-91b3-4a467353bcc0"",""shortName"":""CISA-ADP""},""title"":""CISA ADP Vulnrichment""}]","[{""defaultStatus"":""unaffected"",""product"":""Linux"",""programFiles"":[""drivers/s390/crypto/pkey_api.c""],""repo"":""https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"",""vendor"":""Linux"",""versions"":[{""lessThan"":""6e2e374403bf73140d0efc9541cb1b3bea55ac02"",""status"":""affected"",""version"":""e80d4af0a320972aac58e2004d0ba4e44ef4c5c7"",""versionType"":""git""},{""lessThan"":""b5eb9176ebd4697bc248bf8d145e66d782cf5250"",""status"":""affected"",""version"":""e80d4af0a320972aac58e2004d0ba4e44ef4c5c7"",""versionType"":""git""},{""lessThan"":""93c034c4314bc4c4450a3869cd5da298502346ad"",""status"":""affected"",""version"":""e80d4af0a320972aac58e2004d0ba4e44ef4c5c7"",""versionType"":""git""},{""lessThan"":""4889f117755b2f18c23045a0f57977f3ec130581"",""status"":""affected"",""version"":""e80d4af0a320972aac58e2004d0ba4e44ef4c5c7"",""versionType"":""git""},{""lessThan"":""c51795885c801b6b7e976717e0d6d45b1e5be0f0"",""status"":""affected"",""version"":""e80d4af0a320972aac58e2004d0ba4e44ef4c5c7"",""versionType"":""git""},{""lessThan"":""90a01aefb84b09ccb6024d75d85bb8f620bd3487"",""status"":""affected"",""version"":""e80d4af0a320972aac58e2004d0ba4e44ef4c5c7"",""versionType"":""git""},{""lessThan"":""c44a2151e5d21c66b070a056c26471f30719b575"",""status"":""affected"",""version"":""e80d4af0a320972aac58e2004d0ba4e44ef4c5c7"",""versionType"":""git""},{""lessThan"":""1d8c270de5eb74245d72325d285894a577a945d9"",""status"":""affected"",""version"":""e80d4af0a320972aac58e2004d0ba4e44ef4c5c7"",""versionType"":""git""}]},{""defaultStatus"":""affected"",""product"":""Linux"",""programFiles"":[""drivers/s390/crypto/pkey_api.c""],""repo"":""https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"",""vendor"":""Linux"",""versions"":[{""status"":""affected"",""version"":""4.11""},{""lessThan"":""4.11"",""status"":""unaffected"",""version"":""0"",""versionType"":""semver""},{""lessThanOrEqual"":""4.19.*"",""status"":""unaffected"",""version"":""4.19.318"",""versionType"":""semver""},{""lessThanOrEqual"":""5.4.*"",""status"":""unaffected"",""version"":""5.4.280"",""versionType"":""semver""},{""lessThanOrEqual"":""5.10.*"",""status"":""unaffected"",""version"":""5.10.222"",""versionType"":""semver""},{""lessThanOrEqual"":""5.15.*"",""status"":""unaffected"",""version"":""5.15.163"",""versionType"":""semver""},{""lessThanOrEqual"":""6.1.*"",""status"":""unaffected"",""version"":""6.1.98"",""versionType"":""semver""},{""lessThanOrEqual"":""6.6.*"",""status"":""unaffected"",""version"":""6.6.39"",""versionType"":""semver""},{""lessThanOrEqual"":""6.9.*"",""status"":""unaffected"",""version"":""6.9.9"",""versionType"":""semver""},{""lessThanOrEqual"":""*"",""status"":""unaffected"",""version"":""6.10"",""versionType"":""original_commit_for_fix""}]}]",,"[{""nodes"":[{""cpeMatch"":[{""criteria"":""cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*"",""versionEndExcluding"":""4.19.318"",""versionStartIncluding"":""4.11"",""vulnerable"":true},{""criteria"":""cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*"",""versionEndExcluding"":""5.4.280"",""versionStartIncluding"":""4.11"",""vulnerable"":true},{""criteria"":""cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*"",""versionEndExcluding"":""5.10.222"",""versionStartIncluding"":""4.11"",""vulnerable"":true},{""criteria"":""cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*"",""versionEndExcluding"":""5.15.163"",""versionStartIncluding"":""4.11"",""vulnerable"":true},{""criteria"":""cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*"",""versionEndExcluding"":""6.1.98"",""versionStartIncluding"":""4.11"",""vulnerable"":true},{""criteria"":""cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*"",""versionEndExcluding"":""6.6.39"",""versionStartIncluding"":""4.11"",""vulnerable"":true},{""criteria"":""cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*"",""versionEndExcluding"":""6.9.9"",""versionStartIncluding"":""4.11"",""vulnerable"":true},{""criteria"":""cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*"",""versionEndExcluding"":""6.10"",""versionStartIncluding"":""4.11"",""vulnerable"":true}],""negate"":false,""operator"":""OR""}]}]",,,,"[{""lang"":""en"",""value"":""In the Linux kernel, the following vulnerability has been resolved:\n\ns390/pkey: Wipe sensitive data on failure\n\nWipe sensitive data from stack also if the copy_to_user() fails.""}]",,,,,2025-05-04T09:24:21.751Z,416baaa9-dc9f-4396-8d5f-8c081fb06d67,Linux,"[{""url"":""https://git.kernel.org/stable/c/6e2e374403bf73140d0efc9541cb1b3bea55ac02""},{""url"":""https://git.kernel.org/stable/c/b5eb9176ebd4697bc248bf8d145e66d782cf5250""},{""url"":""https://git.kernel.org/stable/c/93c034c4314bc4c4450a3869cd5da298502346ad""},{""url"":""https://git.kernel.org/stable/c/4889f117755b2f18c23045a0f57977f3ec130581""},{""url"":""https://git.kernel.org/stable/c/c51795885c801b6b7e976717e0d6d45b1e5be0f0""},{""url"":""https://git.kernel.org/stable/c/90a01aefb84b09ccb6024d75d85bb8f620bd3487""},{""url"":""https://git.kernel.org/stable/c/c44a2151e5d21c66b070a056c26471f30719b575""},{""url"":""https://git.kernel.org/stable/c/1d8c270de5eb74245d72325d285894a577a945d9""}]",,,,,,,,,,,,s390/pkey: Wipe sensitive data on failure,,,bippy-1.2.0,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,416baaa9-dc9f-4396-8d5f-8c081fb06d67,Linux,CVE-2024-42157,2024-07-30T07:46:59.362Z,,2024-07-29T15:50:41.194Z,2025-11-03T22:02:19.958Z,PUBLISHED,CVE_RECORD,5.2,dbfs:/Volumes/workspace/default/assignment1/cve/json_files/2024_42xxx_CVE-2024-42157.json,2025-11-11T04:49:37.603Z
"[{""providerMetadata"":{""dateUpdated"":""2024-08-02T04:54:32.078Z"",""orgId"":""af854a3a-2127-422b-91ae-364da2661108"",""shortName"":""CVE""},""references"":[{""tags"":[""x_transferred""],""url"":""https://git.kernel.org/stable/c/62151a0acde90823bdfa991d598c85cf4b1d387d""},{""tags"":[""x_transferred""],""url"":""https://git.kernel.org/stable/c/22e6824622e8a8889df0f8fc4ed5aea0e702a694""}],""title"":""CVE Program Container""},{""metrics"":[{""other"":{""content"":{""id"":""CVE-2024-42158"",""options"":[{""Exploitation"":""none""},{""Automatable"":""no""},{""Technical Impact"":""partial""}],""role"":""CISA Coordinator"",""timestamp"":""2024-09-10T16:15:02.030879Z"",""version"":""2.0.3""},""type"":""ssvc""}}],""providerMetadata"":{""dateUpdated"":""2024-09-11T17:34:33.882Z"",""orgId"":""134c704f-9b21-4f2e-91b3-4a467353bcc0"",""shortName"":""CISA-ADP""},""title"":""CISA ADP Vulnrichment""}]","[{""defaultStatus"":""unaffected"",""product"":""Linux"",""programFiles"":[""drivers/s390/crypto/pkey_api.c""],""repo"":""https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"",""vendor"":""Linux"",""versions"":[{""lessThan"":""62151a0acde90823bdfa991d598c85cf4b1d387d"",""status"":""affected"",""version"":""e80d4af0a320972aac58e2004d0ba4e44ef4c5c7"",""versionType"":""git""},{""lessThan"":""22e6824622e8a8889df0f8fc4ed5aea0e702a694"",""status"":""affected"",""version"":""e80d4af0a320972aac58e2004d0ba4e44ef4c5c7"",""versionType"":""git""}]},{""defaultStatus"":""affected"",""product"":""Linux"",""programFiles"":[""drivers/s390/crypto/pkey_api.c""],""repo"":""https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"",""vendor"":""Linux"",""versions"":[{""status"":""affected"",""version"":""4.11""},{""lessThan"":""4.11"",""status"":""unaffected"",""version"":""0"",""versionType"":""semver""},{""lessThanOrEqual"":""6.9.*"",""status"":""unaffected"",""version"":""6.9.9"",""versionType"":""semver""},{""lessThanOrEqual"":""*"",""status"":""unaffected"",""version"":""6.10"",""versionType"":""original_commit_for_fix""}]}]",,"[{""nodes"":[{""cpeMatch"":[{""criteria"":""cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*"",""versionEndExcluding"":""6.9.9"",""versionStartIncluding"":""4.11"",""vulnerable"":true},{""criteria"":""cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*"",""versionEndExcluding"":""6.10"",""versionStartIncluding"":""4.11"",""vulnerable"":true}],""negate"":false,""operator"":""OR""}]}]",,,,"[{""lang"":""en"",""value"":""In the Linux kernel, the following vulnerability has been resolved:\n\ns390/pkey: Use kfree_sensitive() to fix Coccinelle warnings\n\nReplace memzero_explicit() and kfree() with kfree_sensitive() to fix\nwarnings reported by Coccinelle:\n\nWARNING opportunity for kfree_sensitive/kvfree_sensitive (line 1506)\nWARNING opportunity for kfree_sensitive/kvfree_sensitive (line 1643)\nWARNING opportunity for kfree_sensitive/kvfree_sensitive (line 1770)""}]",,,,,2025-05-04T09:24:22.974Z,416baaa9-dc9f-4396-8d5f-8c081fb06d67,Linux,"[{""url"":""https://git.kernel.org/stable/c/62151a0acde90823bdfa991d598c85cf4b1d387d""},{""url"":""https://git.kernel.org/stable/c/22e6824622e8a8889df0f8fc4ed5aea0e702a694""}]",,,,,,,,,,,,s390/pkey: Use kfree_sensitive() to fix Coccinelle warnings,,,bippy-1.2.0,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,416baaa9-dc9f-4396-8d5f-8c081fb06d67,Linux,CVE-2024-42158,2024-07-30T07:47:00.343Z,,2024-07-29T15:50:41.195Z,2025-05-04T09:24:22.974Z,PUBLISHED,CVE_RECORD,5.1,dbfs:/Volumes/workspace/default/assignment1/cve/json_files/2024_42xxx_CVE-2024-42158.json,2025-11-11T04:49:37.603Z



📁 Files in Bronze Delta path :


path,name,size,modificationTime
dbfs:/Volumes/workspace/default/assignment1/bronze/_delta_log/,_delta_log/,0,1762836593612
dbfs:/Volumes/workspace/default/assignment1/bronze/part-00000-e8071914-0002-42b1-999b-f9257168ff28.c000.snappy.parquet,part-00000-e8071914-0002-42b1-999b-f9257168ff28.c000.snappy.parquet,3698405,1762836590000
dbfs:/Volumes/workspace/default/assignment1/bronze/part-00001-d2b889da-10eb-4c33-92e0-9cbace545568.c000.snappy.parquet,part-00001-d2b889da-10eb-4c33-92e0-9cbace545568.c000.snappy.parquet,4957383,1762836590000
dbfs:/Volumes/workspace/default/assignment1/bronze/part-00002-90c6ea31-75df-4216-8adc-01a564b0892d.c000.snappy.parquet,part-00002-90c6ea31-75df-4216-8adc-01a564b0892d.c000.snappy.parquet,4903939,1762836590000
dbfs:/Volumes/workspace/default/assignment1/bronze/part-00003-a50c1550-5552-42b0-9dc5-c4b385a0bb96.c000.snappy.parquet,part-00003-a50c1550-5552-42b0-9dc5-c4b385a0bb96.c000.snappy.parquet,4740399,1762836590000
dbfs:/Volumes/workspace/default/assignment1/bronze/part-00004-5ec1fac5-8431-4267-8f08-7661ba2f9c6f.c000.snappy.parquet,part-00004-5ec1fac5-8431-4267-8f08-7661ba2f9c6f.c000.snappy.parquet,3651867,1762836590000



📸 REQUIRED SCREENSHOTS:
  • df_check.count() ≈ 38 000–40 000 records
  • DQ Summary output above
  • dbutils.fs.ls(bronze_path) showing _delta_log + .parquet files


# Assignment 1: Bronze Layer Example - CVE 2024 Data Ingestion
**DIC 587 - Data Intensive Computing - Fall 2025**

This notebook implements the Bronze layer of our medallion architecture:
- Downloads CVEProject/cvelistV5 repository 
- Filters to 2024 vulnerabilities only (~40,000 records)
- Stores raw JSON as Delta tables with ACID guarantees
- Demonstrates streaming data ingestion patterns

**Learning Objectives:**
- Understand Bronze layer concepts (raw data preservation)
- Practice JSON schema-on-read with PySpark
- Learn Delta Lake table registration
- Handle large-scale data downloads programmatically

## Step 1: Environment Setup and Data Download

In [0]:
import io, os, zipfile, urllib.request, json, shutil
from pyspark.sql.functions import input_file_name, col, to_timestamp, year

# Configuration
USE_OFFLINE = False  # Set True if you manually uploaded /FileStore/cvelistV5.zip
TARGET_YEAR = 2024   # Focus on 2024 CVEs only

# Paths - using /tmp and /FileStore to avoid Community Edition I/O errors
base_dir = "/tmp/cve"
bronze_path = "dbfs:/FileStore/cve/bronze"
os.makedirs(base_dir, exist_ok=True)

print(f"🎯 Target: {TARGET_YEAR} CVE data (~40,000 records)")
print(f"📁 Bronze location: {bronze_path}")

🎯 Target: 2024 CVE data (~40,000 records)
📁 Bronze location: dbfs:/FileStore/cve/bronze


## Step 2: Download CVE Repository

This uploads the entire CVE catalog into a databricks catalog.  You need to figure out how to filter it down to the 2024 records.  You also need to do the other medallion letters!

In [0]:
  import os
  import zipfile
  import urllib.request
  import shutil
  from pyspark.sql.functions import col, to_timestamp, year

  # Configuration
  USE_OFFLINE = False
  TARGET_YEAR = 2024
  volume_root = "/Volumes/workspace/default/assignment1"
  volume_cves_dir = f"{volume_root}/cve/json_files"

  # Check if data already exists in volume FIRST (before downloading!)
  skip_all = False
  try:
      existing_files = dbutils.fs.ls(volume_cves_dir)
      file_count = len([f for f in existing_files if f.name.endswith('.json')])
      
      if file_count > 0:
          print("="*60)
          print(f"✅ Found {file_count} existing JSON files in volume")
          print(f"   📁 Location: {volume_cves_dir}")
          print(f"   ⏩ SKIPPING download, extraction, and copy")
          print(f"   💡 To force re-download, delete the volume directory first:")
          print(f"      dbutils.fs.rm('{volume_cves_dir}', recurse=True)")
          print("="*60)
          print()
          skip_all = True
  except:
      print("📋 No existing data found in volume - proceeding with download...")
      pass

  # Only download and extract if we don't have data
  if not skip_all:
      # Your existing download/extract pattern
      zip_dest = "/tmp/cve/cvelistV5.zip"
      src_extract_dir = "/tmp/cve/cvelistV5-main"

      # Create local temp directory
      os.makedirs("/tmp/cve", exist_ok=True)

      if not USE_OFFLINE:
          zip_url = "https://github.com/CVEProject/cvelistV5/archive/refs/heads/main.zip"
          print(f"🌐 Downloading: {zip_url}")
          print("📈 This is live streaming data - updates every ~7 minutes!")

          with urllib.request.urlopen(zip_url) as r:
              data = r.read()
          with open(zip_dest, "wb") as f:
              f.write(data)

          print(f"✅ Downloaded {len(data):,} bytes")
      else:
          zip_dest = "/dbfs/FileStore/cvelistV5.zip"  # uploaded by you
          assert os.path.exists(zip_dest), "❌ Upload /FileStore/cvelistV5.zip or set USE_OFFLINE=False"
          print("📁 Using offline ZIP file")

      # Clean previous extracts
      if os.path.exists(src_extract_dir):
          shutil.rmtree(src_extract_dir, ignore_errors=True)

      # Extract ZIP
      print("📦 Extracting ZIP archive...")
      with zipfile.ZipFile(zip_dest) as z:
          z.extractall("/tmp/cve/")

      src_glob = "/tmp/cve/cvelistV5-main/cves"
      print(f"📂 Found local JSON directory: {src_glob}")

      src_glob = "/tmp/cve/cvelistV5-main/cves"
      print(f"📂 Found local JSON directory: {src_glob}")

      # Copy JSON files to Unity Catalog volume for Spark access
      print("📋 Copying JSON files to Unity Catalog volume...")
      print("   (Required because Spark cannot access local filesystem)")

      # Remove existing volume directory
      try:
          dbutils.fs.rm(volume_cves_dir, recurse=True)
      except:
          pass

      dbutils.fs.mkdirs(volume_cves_dir)

      # Copy ONLY 2024 JSON files from local to volume (optimized!)
      json_count = 0
      
      # Target only the 2024 directory for efficiency
      target_2024_dir = os.path.join(src_glob, "2024")      
      if os.path.exists(target_2024_dir):
          print(f"   📂 Found 2024 directory: {target_2024_dir}")
          print(f"   🎯 Only copying 2024 CVEs for efficiency...")
          
          for root, dirs, files in os.walk(target_2024_dir):
              for file in files:
                  if file.endswith('.json'):
                      local_file_path = os.path.join(root, file)

                      # Read file content
                      with open(local_file_path, 'r', encoding='utf-8') as f:
                          content = f.read()

                      # Write to volume with unique name (include subdirectory info)
                      relative_path = os.path.relpath(local_file_path, src_glob)
                      safe_filename = relative_path.replace('/', '_').replace('\\', '_')
                      volume_file_path = f"{volume_cves_dir}/{safe_filename}"

                      dbutils.fs.put(volume_file_path, content, overwrite=True)
                      json_count += 1

                      if json_count % 1000 == 0:
                          print(f"      Copied {json_count} JSON files...")
      else:
          print(f"   ⚠️  2024 directory not found, copying all CVEs (slower)...")
          # Fallback: copy all files if 2024 directory doesn't exist
          for root, dirs, files in os.walk(src_glob):
              for file in files:
                  if file.endswith('.json'):
                      local_file_path = os.path.join(root, file)

                      # Read file content
                      with open(local_file_path, 'r', encoding='utf-8') as f:
                          content = f.read()

                      # Write to volume with unique name (include subdirectory info)
                      relative_path = os.path.relpath(local_file_path, src_glob)
                      safe_filename = relative_path.replace('/', '_').replace('\\', '_')
                      volume_file_path = f"{volume_cves_dir}/{safe_filename}"

                      dbutils.fs.put(volume_file_path, content, overwrite=True)
                      json_count += 1

                      if json_count % 1000 == 0:
                          print(f"      Copied {json_count} JSON files...")

      print(f"✅ Copied {json_count} JSON files to volume (2024 CVEs only)")

  # Read the data (whether existing or just copied)
  print("🔄 Reading JSON files with Spark...")

  # Now read from volume location (accessible to Spark)
  df_raw = (spark.read
            .option("multiLine", True)
            .json(volume_cves_dir))

  # Add source file tracking (Unity Catalog compatible)
  df_raw = df_raw.withColumn("_source_file", col("_metadata.file_path"))

  print(f"📊 Total CVE records found: {df_raw.count():,}")


📋 No existing data found in volume - proceeding with download...
🌐 Downloading: https://github.com/CVEProject/cvelistV5/archive/refs/heads/main.zip
📈 This is live streaming data - updates every ~7 minutes!
✅ Downloaded 523,000,347 bytes
📦 Extracting ZIP archive...
📂 Found local JSON directory: /tmp/cve/cvelistV5-main/cves
📂 Found local JSON directory: /tmp/cve/cvelistV5-main/cves
📋 Copying JSON files to Unity Catalog volume...
   (Required because Spark cannot access local filesystem)
   📂 Found 2024 directory: /tmp/cve/cvelistV5-main/cves/2024
   🎯 Only copying 2024 CVEs for efficiency...
Wrote 9943 bytes.
Wrote 5334 bytes.
Wrote 15645 bytes.
Wrote 10115 bytes.
Wrote 5284 bytes.
Wrote 7956 bytes.
Wrote 10339 bytes.
Wrote 5354 bytes.
Wrote 8050 bytes.
Wrote 5162 bytes.
Wrote 4928 bytes.
Wrote 4846 bytes.
Wrote 5436 bytes.
Wrote 6664 bytes.
Wrote 4815 bytes.
Wrote 8366 bytes.
Wrote 5073 bytes.
Wrote 4966 bytes.
Wrote 5139 bytes.
Wrote 10116 bytes.
Wrote 5768 bytes.
Wrote 5398 bytes.
Wro

com.databricks.backend.common.rpc.CommandCancelledException
	at com.databricks.spark.chauffeur.SequenceExecutionState.$anonfun$cancel$5(SequenceExecutionState.scala:132)
	at scala.Option.getOrElse(Option.scala:189)
	at com.databricks.spark.chauffeur.SequenceExecutionState.$anonfun$cancel$3(SequenceExecutionState.scala:132)
	at com.databricks.spark.chauffeur.SequenceExecutionState.$anonfun$cancel$3$adapted(SequenceExecutionState.scala:129)
	at scala.collection.immutable.Range.foreach(Range.scala:158)
	at com.databricks.spark.chauffeur.SequenceExecutionState.cancel(SequenceExecutionState.scala:129)
	at com.databricks.spark.chauffeur.ExecContextState.cancelRunningSequence(ExecContextState.scala:715)
	at com.databricks.spark.chauffeur.ExecContextState.$anonfun$cancel$1(ExecContextState.scala:435)
	at scala.Option.getOrElse(Option.scala:189)
	at com.databricks.spark.chauffeur.ExecContextState.cancel(ExecContextState.scala:435)
	at com.databricks.spark.chauffeur.ExecutionContextManagerV1.can

In [0]:
len(dbutils.fs.ls("/Volumes/workspace/default/assignment1/cve/json_files/"))

38727