Add two new assigned CVEs

2 files changed, 32 insertions, 0 deletions

diff --git a/active/CVE-2024-26651 b/active/CVE-2024-26651
new file mode 100644
index 00000000..5b8b8f51
--- /dev/null
+++ b/active/CVE-2024-26651
@@ -0,0 +1,16 @@
+Description: sr9800: Add check for usbnet_get_endpoints
+References:
+Notes:
+ carnil> Introduced in 19a38d8e0aa3 ("USB2NET : SR9800 : One chip USB2.0 USB2NET SR9800
+ carnil> Device Driver Support"). Vulnerable versions: 3.14-rc3.
+Bugs:
+upstream: released (6.9-rc1) [07161b2416f740a2cb87faa5566873f401440a61]
+6.7-upstream-stable: released (6.7.11) [efba65777f98457773c5b65e3135c6132d3b015f]
+6.6-upstream-stable: released (6.6.23) [e39a3a14eafcf17f03c037290b78c8f483529028]
+6.1-upstream-stable: released (6.1.83) [9c402819620a842cbfe39359a3ddfaac9adc8384]
+5.10-upstream-stable: released (5.10.214) [6b4a39acafaf0186ed8e97c16e0aa6fca0e52009]
+4.19-upstream-stable: released (4.19.311) [424eba06ed405d557077339edb19ce0ebe39e7c7]
+sid: needed
+6.1-bookworm-security: needed
+5.10-bullseye-security: needed
+4.19-buster-security: needed
diff --git a/active/CVE-2024-26652 b/active/CVE-2024-26652
new file mode 100644
index 00000000..be76ef1d
--- /dev/null
+++ b/active/CVE-2024-26652
@@ -0,0 +1,16 @@
+Description: net: pds_core: Fix possible double free in error handling path
+References:
+Notes:
+ carnil> Introduced in 4569cce43bc6 ("pds_core: add auxiliary_bus devices"). Vulnerable
+ carnil> versions: 6.4-rc1.
+Bugs:
+upstream: released (6.8) [ba18deddd6d502da71fd6b6143c53042271b82bd]
+6.7-upstream-stable: released (6.7.10) [ffda0e962f270b3ec937660afd15b685263232d3]
+6.6-upstream-stable: released (6.6.22) [995f802abff209514ac2ee03b96224237646cec3]
+6.1-upstream-stable: N/A "Vulnerable code not present"
+5.10-upstream-stable: N/A "Vulnerable code not present"
+4.19-upstream-stable: N/A "Vulnerable code not present"
+sid: needed
+6.1-bookworm-security: N/A "Vulnerable code not present"
+5.10-bullseye-security: N/A "Vulnerable code not present"
+4.19-buster-security: N/A "Vulnerable code not present"