Add new batch of CVEs from Kernel vulns repository

author: Salvatore Bonaccorso <carnil@debian.org> 2024-02-29 19:21:43 +0100
committer: Salvatore Bonaccorso <carnil@debian.org> 2024-02-29 19:21:43 +0100
commit: 4623b36743bf6c013300f7df620ed4f2494214a1 (patch)
tree: 52fd98d1cd4cee84525095dcdaa1fb89e9d6803e /active/CVE-2023-52491
parent: c289ed05ac639a3e8c9efc1122633dd94123af99 (diff)
1 files changed, 16 insertions, 0 deletions
diff --git a/active/CVE-2023-52491 b/active/CVE-2023-52491
new file mode 100644
index 000000000..a0b5909be
--- /dev/null
+++ b/active/CVE-2023-52491
@@ -0,0 +1,16 @@
+Description: media: mtk-jpeg: Fix use after free bug due to error path handling in mtk_jpeg_dec_device_run
+References:
+Notes:
+ carnil> Introduced in b2f0d2724ba4 ("[media] vcodec: mediatek: Add Mediatek JPEG
+ carnil> Decoder Driver"). Vulnerable versions: 4.12-rc1.
+Bugs:
+upstream: released (6.8-rc1) [206c857dd17d4d026de85866f1b5f0969f2a109e]
+6.7-upstream-stable: released (6.7.3) [6e2f37022f0fc0893da4d85a0500c9d547fffd4c]
+6.6-upstream-stable: released (6.6.15) [8254d54d00eb6cdb8367399c7f912eb8d354ecd7]
+6.1-upstream-stable: released (6.1.76) [9fec4db7fff54d9b0306a332bab31eac47eeb5f6]
+5.10-upstream-stable: released (5.10.210) [43872f44eee6c6781fea1348b38885d8e78face9]
+4.19-upstream-stable: needed
+sid: released (6.6.15-1)
+6.1-bookworm-security: released (6.1.76-1)
+5.10-bullseye-security: needed
+4.19-buster-security: needed
author	Salvatore Bonaccorso <carnil@debian.org>	2024-02-29 19:21:43 +0100
committer	Salvatore Bonaccorso <carnil@debian.org>	2024-02-29 19:21:43 +0100
commit	4623b36743bf6c013300f7df620ed4f2494214a1 (patch)
tree	52fd98d1cd4cee84525095dcdaa1fb89e9d6803e /active/CVE-2023-52491
parent	c289ed05ac639a3e8c9efc1122633dd94123af99 (diff)