Add CVE-2023-4194 and expand notes on CVE-2023-1076

author: Salvatore Bonaccorso <carnil@debian.org> 2023-08-07 08:44:06 +0200
committer: Salvatore Bonaccorso <carnil@debian.org> 2023-08-07 08:44:44 +0200
commit: 62cdf2663664b54ba345238910f540c8656beb86 (patch)
tree: 8849f65f356e5fecae7b6a1d9a661f392f226fdb /active/CVE-2023-1076
parent: ea567e45ef820a0d188314f77393cefc92766c6a (diff)
1 files changed, 3 insertions, 0 deletions
diff --git a/active/CVE-2023-1076 b/active/CVE-2023-1076
index c56b2d2e..eddf3194 100644
--- a/active/CVE-2023-1076
+++ b/active/CVE-2023-1076
@@ -3,8 +3,11 @@ References:
  https://bugzilla.redhat.com/show_bug.cgi?id=2173435
  https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git/commit/?id=66b2c338adce580dfce2199591e65e2bab889cff
  https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git/commit/?id=a096ccca6e503a5c575717ff8a36ace27510ab0a
+ https://bugzilla.redhat.com/show_bug.cgi?id=2229498
 Notes:
  carnil> Commit fixes 86741ec25462 ("net: core: Add a UID field to struct sock.").
+ carnil> Initial commits to address CVE-2023-1076 were incorrect
+ carnil> resulting in CVE-2023-4194.
 Bugs:
 upstream: released (6.3-rc1) [66b2c338adce580dfce2199591e65e2bab889cff, a096ccca6e503a5c575717ff8a36ace27510ab0a]
 6.1-upstream-stable: released (6.1.16) [035a80733ec47ed81aa159e16e56d2de106d3335, b4ada752eaf1341f47bfa3d8ada377eca75a8d44]
author	Salvatore Bonaccorso <carnil@debian.org>	2023-08-07 08:44:06 +0200
committer	Salvatore Bonaccorso <carnil@debian.org>	2023-08-07 08:44:44 +0200
commit	62cdf2663664b54ba345238910f540c8656beb86 (patch)
tree	8849f65f356e5fecae7b6a1d9a661f392f226fdb /active/CVE-2023-1076
parent	ea567e45ef820a0d188314f77393cefc92766c6a (diff)