Add initial information for CVE-2023-37454

author: Salvatore Bonaccorso <carnil@debian.org> 2023-07-06 22:26:51 +0200
committer: Salvatore Bonaccorso <carnil@debian.org> 2023-07-06 22:26:51 +0200
commit: b43082e730338675db051a1b7677a390243b36f5 (patch)
tree: 40c7ace436bb7a29eb66ab6db2dc8326a8ed52ec /active/CVE-2023-37454
parent: a7e6959f702107e8b7f7165943babcf86d7256c3 (diff)
1 files changed, 16 insertions, 0 deletions
diff --git a/active/CVE-2023-37454 b/active/CVE-2023-37454
new file mode 100644
index 000000000..0b0bcf6e5
--- /dev/null
+++ b/active/CVE-2023-37454
@@ -0,0 +1,16 @@
+Description: use-after-free in udf_put_super and udf_close_lvid functions in fs/udf/super.c
+References:
+ https://lore.kernel.org/all/00000000000056e02f05dfb6e11a%40google.com/T/
+ https://syzkaller.appspot.com/bug?extid=60864ed35b1073540d57
+ https://syzkaller.appspot.com/bug?extid=61564e5023b7229ec85d
+ https://syzkaller.appspot.com/bug?extid=26873a72980f8fa8bc55
+Notes:
+Bugs:
+upstream: needed
+6.1-upstream-stable:
+5.10-upstream-stable:
+4.19-upstream-stable:
+sid:
+6.1-bookworm-security:
+5.10-bullseye-security:
+4.19-buster-security:
author	Salvatore Bonaccorso <carnil@debian.org>	2023-07-06 22:26:51 +0200
committer	Salvatore Bonaccorso <carnil@debian.org>	2023-07-06 22:26:51 +0200
commit	b43082e730338675db051a1b7677a390243b36f5 (patch)
tree	40c7ace436bb7a29eb66ab6db2dc8326a8ed52ec /active/CVE-2023-37454
parent	a7e6959f702107e8b7f7165943babcf86d7256c3 (diff)