Add new batch of CVEs

Fixup for fix in earlier versions as 6.6.15-1 and one N/A as vulnerable code was only introduced in 6.7 series.
author: Salvatore Bonaccorso <carnil@debian.org> 2024-03-18 18:04:48 +0100
committer: Salvatore Bonaccorso <carnil@debian.org> 2024-03-18 18:04:48 +0100
commit: bcd9eccef0863578591f91cfde157a7c1fcf4d9e (patch)
tree: 51bcfe848aef821a7b1a16ad6c272fc86e25630e /active/CVE-2023-52609
parent: 602dff7a3e25bb7b7271a9400d5ff4ce861d05c0 (diff)
1 files changed, 16 insertions, 0 deletions
diff --git a/active/CVE-2023-52609 b/active/CVE-2023-52609
new file mode 100644
index 00000000..c9d98235
--- /dev/null
+++ b/active/CVE-2023-52609
@@ -0,0 +1,16 @@
+Description: binder: fix race between mmput() and do_exit()
+References:
+Notes:
+ carnil> Introduced in 457b9a6f09f0 ("Staging: android: add binder driver"). Vulnerable
+ carnil> versions: 2.6.29-rc1.
+Bugs:
+upstream: released (6.8-rc1) [9a9ab0d963621d9d12199df9817e66982582d5a5]
+6.7-upstream-stable: released (6.7.2) [77d210e8db4d61d43b2d16df66b1ec46fad2ee01]
+6.6-upstream-stable: released (6.6.14) [67f16bf2cc1698fd50e01ee8a2becc5a8e6d3a3e]
+6.1-upstream-stable: released (6.1.75) [6696f76c32ff67fec26823fc2df46498e70d9bf3]
+5.10-upstream-stable: released (5.10.209) [7e7a0d86542b0ea903006d3f42f33c4f7ead6918]
+4.19-upstream-stable: released (4.19.306) [95b1d336b0642198b56836b89908d07b9a0c9608]
+sid: released (6.6.15-1)
+6.1-bookworm-security: released (6.1.76-1)
+5.10-bullseye-security: released (5.10.209-1)
+4.19-buster-security: needed
author	Salvatore Bonaccorso <carnil@debian.org>	2024-03-18 18:04:48 +0100
committer	Salvatore Bonaccorso <carnil@debian.org>	2024-03-18 18:04:48 +0100
commit	bcd9eccef0863578591f91cfde157a7c1fcf4d9e (patch)
tree	51bcfe848aef821a7b1a16ad6c272fc86e25630e /active/CVE-2023-52609
parent	602dff7a3e25bb7b7271a9400d5ff4ce861d05c0 (diff)