Add CVE-2023-28466

Signed-off-by: Salvatore Bonaccorso <carnil@debian.org>
author: Salvatore Bonaccorso <carnil@debian.org> 2023-03-16 08:31:27 +0100
committer: Salvatore Bonaccorso <carnil@debian.org> 2023-03-16 08:31:27 +0100
commit: 7cfe0743967a5a9136528e03fc8b98e808c50b09 (patch)
tree: cd1313499d3509aded34206f9a720d3fee0336e4 /active/CVE-2023-28466
parent: b8cd120f3e8aaf73e8c81ff5d8d25a09189507bf (diff)
1 files changed, 13 insertions, 0 deletions
diff --git a/active/CVE-2023-28466 b/active/CVE-2023-28466
new file mode 100644
index 000000000..74772b473
--- /dev/null
+++ b/active/CVE-2023-28466
@@ -0,0 +1,13 @@
+Description: net: tls: fix possible race condition between do_tls_getsockopt_conf() and do_tls_setsockopt_conf()
+References:
+Notes:
+ carnil> source-wise affecting all suites, but we enable CONFIG_TLS only
+ carnil> since bookworm.
+Bugs:
+upstream: released (6.3-rc2) [49c47cc21b5b7a3d8deb18fc57b0aa2ab1286962]
+6.1-upstream-stable: needed
+5.10-upstream-stable: needed
+4.19-upstream-stable: needed
+sid: needed
+5.10-bullseye-security: needed
+4.19-buster-security: needed
author	Salvatore Bonaccorso <carnil@debian.org>	2023-03-16 08:31:27 +0100
committer	Salvatore Bonaccorso <carnil@debian.org>	2023-03-16 08:31:27 +0100
commit	7cfe0743967a5a9136528e03fc8b98e808c50b09 (patch)
tree	cd1313499d3509aded34206f9a720d3fee0336e4 /active/CVE-2023-28466
parent	b8cd120f3e8aaf73e8c81ff5d8d25a09189507bf (diff)