Add new set of CVEs

The script struggles over catching correctly that for CVE-2023-52608 and CVE-2024-26629 the correct sid released version is 6.6.15-1 and not 6.7.7-1. There remains room for improvement as we want to have the manual review needed minimal.
author: Salvatore Bonaccorso <carnil@debian.org> 2024-03-13 21:48:46 +0100
committer: Salvatore Bonaccorso <carnil@debian.org> 2024-03-13 21:48:46 +0100
commit: a9f3898f859d5c7af39d22092a37a0194faf5fa6 (patch)
tree: 68135eecf334936e8c4bafc9a49eaec56794c23d /active/CVE-2024-26629
parent: 5530f22abe89be7626524c447906442fb2020d74 (diff)
1 files changed, 17 insertions, 0 deletions
diff --git a/active/CVE-2024-26629 b/active/CVE-2024-26629
new file mode 100644
index 00000000..38cccf2f
--- /dev/null
+++ b/active/CVE-2024-26629
@@ -0,0 +1,17 @@
+Description: nfsd: fix RELEASE_LOCKOWNER
+References:
+Notes:
+ carnil> Introduced in ce3c4ad7f4ce ("NFSD: Fix possible sleep during
+ carnil> nfsd4_release_lockowner()"). Vulnerable versions: 4.9.317 4.14.282 4.19.246
+ carnil> 4.19.306 5.4.197 5.10.120 5.15.45 5.17.13 5.18.2 5.19-rc1.
+Bugs:
+upstream: released (6.8-rc2) [edcf9725150e42beeca42d085149f4c88fa97afd]
+6.7-upstream-stable: released (6.7.3) [8f5b860de87039b007e84a28a5eefc888154e098]
+6.6-upstream-stable: released (6.6.15) [b7d2eee1f53899b53f069bba3a59a419fc3d331b]
+6.1-upstream-stable: released (6.1.79) [e4cf8941664cae2f89f0189c29fe2ce8c6be0d03]
+5.10-upstream-stable: needed
+4.19-upstream-stable: needed
+sid: released (6.6.15-1)
+6.1-bookworm-security: needed
+5.10-bullseye-security: needed
+4.19-buster-security: needed
author	Salvatore Bonaccorso <carnil@debian.org>	2024-03-13 21:48:46 +0100
committer	Salvatore Bonaccorso <carnil@debian.org>	2024-03-13 21:48:46 +0100
commit	a9f3898f859d5c7af39d22092a37a0194faf5fa6 (patch)
tree	68135eecf334936e8c4bafc9a49eaec56794c23d /active/CVE-2024-26629
parent	5530f22abe89be7626524c447906442fb2020d74 (diff)