Add new batch of CVEs assigned for Linux

author: Salvatore Bonaccorso <carnil@debian.org> 2024-04-03 21:33:11 +0200
committer: Salvatore Bonaccorso <carnil@debian.org> 2024-04-03 21:33:11 +0200
commit: e2b12639eebeadc5925bec1ffdecf7df5192aace (patch)
tree: c43a5a7f293006eced7e9c712f34efab9c774abb /active/CVE-2024-26695
parent: 03801e090c9fbe79615a6fe3fc2a075311f2bd8b (diff)
1 files changed, 17 insertions, 0 deletions
diff --git a/active/CVE-2024-26695 b/active/CVE-2024-26695
new file mode 100644
index 000000000..c20f1c9f0
--- /dev/null
+++ b/active/CVE-2024-26695
@@ -0,0 +1,17 @@
+Description: crypto: ccp - Fix null pointer dereference in __sev_platform_shutdown_locked
+References:
+Notes:
+ carnil> Introduced in 1b05ece0c931 ("crypto: ccp - During shutdown, check SEV data
+ carnil> pointer before using"). Vulnerable versions: 5.10.137 5.15.61 5.18.18 5.19.2
+ carnil> 6.0-rc1.
+Bugs:
+upstream: released (6.8-rc4) [ccb88e9549e7cfd8bcd511c538f437e20026e983]
+6.7-upstream-stable: released (6.7.6) [b5909f197f3b26aebedca7d8ac7b688fd993a266]
+6.6-upstream-stable: released (6.6.18) [88aa493f393d2ee38ac140e1f6ac1881346e85d4]
+6.1-upstream-stable: released (6.1.79) [8731fe001a60581794ed9cf65da8cd304846a6fb]
+5.10-upstream-stable: released (5.10.210) [58054faf3bd29cd0b949b77efcb6157f66f401ed]
+4.19-upstream-stable: N/A "Vulnerable code not present"
+sid: released (6.7.7-1)
+6.1-bookworm-security: needed
+5.10-bullseye-security: needed
+4.19-buster-security: N/A "Vulnerable code not present"
author	Salvatore Bonaccorso <carnil@debian.org>	2024-04-03 21:33:11 +0200
committer	Salvatore Bonaccorso <carnil@debian.org>	2024-04-03 21:33:11 +0200
commit	e2b12639eebeadc5925bec1ffdecf7df5192aace (patch)
tree	c43a5a7f293006eced7e9c712f34efab9c774abb /active/CVE-2024-26695
parent	03801e090c9fbe79615a6fe3fc2a075311f2bd8b (diff)