Add CVE-2024-22099

author: Salvatore Bonaccorso <carnil@debian.org> 2024-01-25 14:46:42 +0100
committer: Salvatore Bonaccorso <carnil@debian.org> 2024-01-25 14:46:42 +0100
commit: 4fe7c3b7985357abc098bd37c2985f09c74cec82 (patch)
tree: 20665463325c546e138c54dce6eb5aaa93a6a81e /active/CVE-2024-22099
parent: 1962ac59d4adfe767c5780a2d4622b2d6d98a71e (diff)
1 files changed, 21 insertions, 0 deletions
diff --git a/active/CVE-2024-22099 b/active/CVE-2024-22099
new file mode 100644
index 000000000..8babcf844
--- /dev/null
+++ b/active/CVE-2024-22099
@@ -0,0 +1,21 @@
+Description:
+References:
+ https://bugzilla.openanolis.cn/show_bug.cgi?id=7956
+Notes:
+ carnil> The CVE description reads as "NULL Pointer Dereference
+ carnil> vulnerability in Linux Linux kernel kernel on Linux, x86, ARM
+ carnil> (net, bluetooth modules) allows Overflow Buffers. This
+ carnil> vulnerability is associated with program files
+ carnil> /net/bluetooth/rfcomm/core.c. This issue affects Linux kernel:
+ carnil> v2.6.12-rc2." and gives an indication on affected ranges from
+ carnil> v2.6.12-rc2 before v6.8-rc1. The OpenAnolis issue is to date
+ carnil> (2024-01-25) still restricted.
+Bugs:
+upstream:
+6.1-upstream-stable:
+5.10-upstream-stable:
+4.19-upstream-stable:
+sid:
+6.1-bookworm-security:
+5.10-bullseye-security:
+4.19-buster-security:
author	Salvatore Bonaccorso <carnil@debian.org>	2024-01-25 14:46:42 +0100
committer	Salvatore Bonaccorso <carnil@debian.org>	2024-01-25 14:46:42 +0100
commit	4fe7c3b7985357abc098bd37c2985f09c74cec82 (patch)
tree	20665463325c546e138c54dce6eb5aaa93a6a81e /active/CVE-2024-22099
parent	1962ac59d4adfe767c5780a2d4622b2d6d98a71e (diff)