Add CVE-2023-4194 and expand notes on CVE-2023-1076

author: Salvatore Bonaccorso <carnil@debian.org> 2023-08-07 08:44:06 +0200
committer: Salvatore Bonaccorso <carnil@debian.org> 2023-08-07 08:44:44 +0200
commit: 62cdf2663664b54ba345238910f540c8656beb86 (patch)
tree: 8849f65f356e5fecae7b6a1d9a661f392f226fdb /active/CVE-2023-4194
parent: ea567e45ef820a0d188314f77393cefc92766c6a (diff)
1 files changed, 16 insertions, 0 deletions
diff --git a/active/CVE-2023-4194 b/active/CVE-2023-4194
new file mode 100644
index 00000000..8f3b514b
--- /dev/null
+++ b/active/CVE-2023-4194
@@ -0,0 +1,16 @@
+Description: tap: tap_open(): correctly initialize socket uid next fix of i_uid to current_fsuid
+References:
+ https://bugzilla.redhat.com/show_bug.cgi?id=2229498
+ https://lore.kernel.org/all/20230731164237.48365-1-lersek@redhat.com/
+ https://lore.kernel.org/all/20230731164237.48365-2-lersek@redhat.com/
+ https://lore.kernel.org/all/20230731164237.48365-3-lersek@redhat.com/
+Notes:
+Bugs:
+upstream: released (6.5-rc5) [9bc3047374d5bec163e83e743709e23753376f0c, 5c9241f3ceab3257abe2923a59950db0dc8bb737]
+6.1-upstream-stable:
+5.10-upstream-stable:
+4.19-upstream-stable:
+sid:
+6.1-bookworm-security:
+5.10-bullseye-security:
+4.19-buster-security:
author	Salvatore Bonaccorso <carnil@debian.org>	2023-08-07 08:44:06 +0200
committer	Salvatore Bonaccorso <carnil@debian.org>	2023-08-07 08:44:44 +0200
commit	62cdf2663664b54ba345238910f540c8656beb86 (patch)
tree	8849f65f356e5fecae7b6a1d9a661f392f226fdb /active/CVE-2023-4194
parent	ea567e45ef820a0d188314f77393cefc92766c6a (diff)