Add CVE-2022-4129

author: Salvatore Bonaccorso <carnil@debian.org> 2022-11-24 06:15:13 +0100
committer: Salvatore Bonaccorso <carnil@debian.org> 2022-11-24 06:15:13 +0100
commit: d43ff99de2a2e804d09b3ca2fdfacf54d2049559 (patch)
tree: d222ce9c5b4385a68e34fa7e15b05236c0ff14e0 /active/CVE-2022-4129
parent: 3cbc63dfc417229768e40f12cfabb58c48c53c39 (diff)
1 files changed, 15 insertions, 0 deletions
diff --git a/active/CVE-2022-4129 b/active/CVE-2022-4129
new file mode 100644
index 000000000..e6f2a02f3
--- /dev/null
+++ b/active/CVE-2022-4129
@@ -0,0 +1,15 @@
+Description: l2tp: missing lock when clearing sk_user_data can lead to NULL pointer dereference
+References:
+ https://bugzilla.redhat.com/show_bug.cgi?id=2134528
+ https://lore.kernel.org/all/20220810102848.282778-1-jakub@cloudflare.com/t
+ https://lore.kernel.org/all/20220815130107.149345-1-jakub@cloudflare.com/t
+ https://lore.kernel.org/all/20220823101459.211986-1-jakub@cloudflare.com/t
+ https://lore.kernel.org/all/20221114191619.124659-1-jakub@cloudflare.com/t
+Notes:
+Bugs:
+upstream: needed
+5.10-upstream-stable: needed
+4.19-upstream-stable: needed
+sid: needed
+5.10-bullseye-security: needed
+4.19-buster-security: needed
author	Salvatore Bonaccorso <carnil@debian.org>	2022-11-24 06:15:13 +0100
committer	Salvatore Bonaccorso <carnil@debian.org>	2022-11-24 06:15:13 +0100
commit	d43ff99de2a2e804d09b3ca2fdfacf54d2049559 (patch)
tree	d222ce9c5b4385a68e34fa7e15b05236c0ff14e0 /active/CVE-2022-4129
parent	3cbc63dfc417229768e40f12cfabb58c48c53c39 (diff)