Add CVE-2023-52439

author: Salvatore Bonaccorso <carnil@debian.org> 2024-02-20 21:32:26 +0100
committer: Salvatore Bonaccorso <carnil@debian.org> 2024-02-20 21:32:26 +0100
commit: 28cf1e7e18409e5cfeec233692d6f5976ccddf12 (patch)
tree: 4093d7c6d5c964859b6fbf2b043486fa04834a9e /active/CVE-2023-52439
parent: ced515443edf8a082a1d2b6f1f7a87dcda416c5b (diff)
1 files changed, 15 insertions, 0 deletions
diff --git a/active/CVE-2023-52439 b/active/CVE-2023-52439
new file mode 100644
index 000000000..ac50bca97
--- /dev/null
+++ b/active/CVE-2023-52439
@@ -0,0 +1,15 @@
+Description: uio: Fix use-after-free in uio_open
+References:
+ https://lore.kernel.org/linux-cve-announce/2024022026-wobbling-jumbo-748e@gregkh/
+Notes:
+ carnil> Commit fixes 57c5f4df0a5a ("uio: fix crash after the device is
+ carnil> unregistered") in 4.18-rc5.
+Bugs:
+upstream: released (6.8-rc1) [0c9ae0b8605078eafc3bea053cc78791e97ba2e2]
+6.1-upstream-stable: released (6.1.74) [17a8519cb359c3b483fb5c7367efa9a8a508bdea]
+5.10-upstream-stable: released (5.10.209) [5e0be1229ae199ebb90b33102f74a0f22d152570]
+4.19-upstream-stable: released (4.19.306) [3174e0f7de1ba392dc191625da83df02d695b60c]
+sid: released (6.6.13-1)
+6.1-bookworm-security: released (6.1.76-1)
+5.10-bullseye-security: released (5.10.209-1)
+4.19-buster-security: needed
author	Salvatore Bonaccorso <carnil@debian.org>	2024-02-20 21:32:26 +0100
committer	Salvatore Bonaccorso <carnil@debian.org>	2024-02-20 21:32:26 +0100
commit	28cf1e7e18409e5cfeec233692d6f5976ccddf12 (patch)
tree	4093d7c6d5c964859b6fbf2b043486fa04834a9e /active/CVE-2023-52439
parent	ced515443edf8a082a1d2b6f1f7a87dcda416c5b (diff)