diff options
| author | Salvatore Bonaccorso <carnil@debian.org> | 2024-04-02 10:56:31 +0200 |
|---|---|---|
| committer | Salvatore Bonaccorso <carnil@debian.org> | 2024-04-02 10:56:31 +0200 |
| commit | 394790af91161b751b9411f7737a4207ba5c0b55 (patch) | |
| tree | e24f0764bf786f47a569956869194e71add754ec /active/CVE-2024-26673 | |
| parent | 612fa53fe5f7ec56deab8572d3abc0d9f345e3c0 (diff) | |
Add new batch of CVEs assigned from Linux kernel CNA
Manual fixup for the sid version not correctly detecting 6.6.15-1 as the
right now and instead using 6.7.7-1 one.
Diffstat (limited to 'active/CVE-2024-26673')
| -rw-r--r-- | active/CVE-2024-26673 | 16 |
1 files changed, 16 insertions, 0 deletions
diff --git a/active/CVE-2024-26673 b/active/CVE-2024-26673 new file mode 100644 index 00000000..2ff096e2 --- /dev/null +++ b/active/CVE-2024-26673 @@ -0,0 +1,16 @@ +Description: netfilter: nft_ct: sanitize layer 3 and 4 protocol number in custom expectations +References: +Notes: + carnil> Introduced in 857b46027d6f ("netfilter: nft_ct: add ct expectations support"). + carnil> Vulnerable versions: 5.3-rc1. +Bugs: +upstream: released (6.8-rc3) [8059918a1377f2f1fff06af4f5a4ed3d5acd6bc4] +6.7-upstream-stable: released (6.7.4) [38cc1605338d99205a263707f4dde76408d3e0e8] +6.6-upstream-stable: released (6.6.16) [cfe3550ea5df292c9e2d608e8c4560032391847e] +6.1-upstream-stable: released (6.1.77) [0f501dae16b7099e69ee9b0d5c70b8f40fd30e98] +5.10-upstream-stable: released (5.10.210) [65ee90efc928410c6f73b3d2e0afdd762652c09d] +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (6.7.7-1) +6.1-bookworm-security: needed +5.10-bullseye-security: needed +4.19-buster-security: N/A "Vulnerable code not present" |