diff options
author | Salvatore Bonaccorso <carnil@debian.org> | 2024-03-13 21:48:46 +0100 |
---|---|---|
committer | Salvatore Bonaccorso <carnil@debian.org> | 2024-03-13 21:48:46 +0100 |
commit | a9f3898f859d5c7af39d22092a37a0194faf5fa6 (patch) | |
tree | 68135eecf334936e8c4bafc9a49eaec56794c23d /active/CVE-2023-52608 | |
parent | 5530f22abe89be7626524c447906442fb2020d74 (diff) |
Add new set of CVEs
The script struggles over catching correctly that for CVE-2023-52608 and
CVE-2024-26629 the correct sid released version is 6.6.15-1 and not
6.7.7-1.
There remains room for improvement as we want to have the manual review
needed minimal.
Diffstat (limited to 'active/CVE-2023-52608')
-rw-r--r-- | active/CVE-2023-52608 | 16 |
1 files changed, 16 insertions, 0 deletions
diff --git a/active/CVE-2023-52608 b/active/CVE-2023-52608 new file mode 100644 index 000000000..8bc9d29b0 --- /dev/null +++ b/active/CVE-2023-52608 @@ -0,0 +1,16 @@ +Description: firmware: arm_scmi: Check mailbox/SMT channel for consistency +References: +Notes: + carnil> Introduced in 5c8a47a5a91d ("firmware: arm_scmi: Make scmi core independent of + carnil> the transport type"). Vulnerable versions: 5.7-rc1. +Bugs: +upstream: released (6.8-rc2) [437a310b22244d4e0b78665c3042e5d1c0f45306] +6.7-upstream-stable: released (6.7.3) [12dc4217f16551d6dee9cbefc23fdb5659558cda] +6.6-upstream-stable: released (6.6.15) [9b5e1b93c83ee5fc9f5d7bd2d45b421bd87774a2] +6.1-upstream-stable: released (6.1.76) [7f95f6997f4fdd17abec3200cae45420a5489350] +5.10-upstream-stable: needed +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (6.6.15-1) +6.1-bookworm-security: released (6.1.76-1) +5.10-bullseye-security: needed +4.19-buster-security: N/A "Vulnerable code not present" |