Add new batch of CVEs

Fixup for fix in earlier versions as 6.6.15-1 and one N/A as vulnerable code was only introduced in 6.7 series.
author: Salvatore Bonaccorso <carnil@debian.org> 2024-03-18 18:04:48 +0100
committer: Salvatore Bonaccorso <carnil@debian.org> 2024-03-18 18:04:48 +0100
commit: bcd9eccef0863578591f91cfde157a7c1fcf4d9e (patch)
tree: 51bcfe848aef821a7b1a16ad6c272fc86e25630e /active/CVE-2024-26633
parent: 602dff7a3e25bb7b7271a9400d5ff4ce861d05c0 (diff)
1 files changed, 17 insertions, 0 deletions
diff --git a/active/CVE-2024-26633 b/active/CVE-2024-26633
new file mode 100644
index 000000000..fe33d7a53
--- /dev/null
+++ b/active/CVE-2024-26633
@@ -0,0 +1,17 @@
+Description: ip6_tunnel: fix NEXTHDR_FRAGMENT handling in ip6_tnl_parse_tlv_enc_lim()
+References:
+Notes:
+ carnil> Introduced in fbfa743a9d2a ("ipv6: fix ip6_tnl_parse_tlv_enc_lim()").
+ carnil> Vulnerable versions: 3.2.87 3.10.106 3.12.71 3.16.42 3.18.49 4.4.50 4.9.11
+ carnil> 4.10-rc6.
+Bugs:
+upstream: released (6.8-rc1) [d375b98e0248980681e5e56b712026174d617198]
+6.7-upstream-stable: released (6.7.2) [ba8d904c274268b18ef3dc11d3ca7b24a96cb087]
+6.6-upstream-stable: released (6.6.14) [687c5d52fe53e602e76826dbd4d7af412747e183]
+6.1-upstream-stable: released (6.1.75) [62a1fedeb14c7ac0947ef33fadbabd35ed2400a2]
+5.10-upstream-stable: released (5.10.209) [da23bd709b46168f7dfc36055801011222b076cd]
+4.19-upstream-stable: released (4.19.306) [135414f300c5db995e2a2f3bf0f455de9d014aee]
+sid: released (6.6.15-1)
+6.1-bookworm-security: released (6.1.76-1)
+5.10-bullseye-security: released (5.10.209-1)
+4.19-buster-security: needed
author	Salvatore Bonaccorso <carnil@debian.org>	2024-03-18 18:04:48 +0100
committer	Salvatore Bonaccorso <carnil@debian.org>	2024-03-18 18:04:48 +0100
commit	bcd9eccef0863578591f91cfde157a7c1fcf4d9e (patch)
tree	51bcfe848aef821a7b1a16ad6c272fc86e25630e /active/CVE-2024-26633
parent	602dff7a3e25bb7b7271a9400d5ff4ce861d05c0 (diff)