Add new batch of CVEs assigned

author: Salvatore Bonaccorso <carnil@debian.org> 2024-04-04 21:03:24 +0200
committer: Salvatore Bonaccorso <carnil@debian.org> 2024-04-04 21:03:24 +0200
commit: 509a8073b54876c19b79eb622cc24fde0309bb38 (patch)
tree: f14b6050fb356f8e081b5149333a8649a722215c /active/CVE-2024-26782
parent: e2b12639eebeadc5925bec1ffdecf7df5192aace (diff)
1 files changed, 16 insertions, 0 deletions
diff --git a/active/CVE-2024-26782 b/active/CVE-2024-26782
new file mode 100644
index 000000000..d473e3c69
--- /dev/null
+++ b/active/CVE-2024-26782
@@ -0,0 +1,16 @@
+Description: mptcp: fix double-free on socket dismantle
+References:
+Notes:
+ carnil> Introduced in cf7da0d66cc1 ("mptcp: Create SUBFLOW socket for incoming
+ carnil> connections"). Vulnerable versions: 5.6-rc1.
+Bugs:
+upstream: released (6.8-rc7) [10048689def7e40a4405acda16fdc6477d4ecc5c]
+6.7-upstream-stable: released (6.7.9) [85933e80d077c9ae2227226beb86c22f464059cc]
+6.6-upstream-stable: released (6.6.21) [ce0809ada38dca8d6d41bb57ab40494855c30582]
+6.1-upstream-stable: released (6.1.81) [d93fd40c62397326046902a2c5cb75af50882a85]
+5.10-upstream-stable: released (5.10.212) [f74362a004225df935863dea6eb7d82daaa5b16e]
+4.19-upstream-stable: N/A "Vulnerable code not present"
+sid: released (6.7.9-1)
+6.1-bookworm-security: needed
+5.10-bullseye-security: needed
+4.19-buster-security: N/A "Vulnerable code not present"
author	Salvatore Bonaccorso <carnil@debian.org>	2024-04-04 21:03:24 +0200
committer	Salvatore Bonaccorso <carnil@debian.org>	2024-04-04 21:03:24 +0200
commit	509a8073b54876c19b79eb622cc24fde0309bb38 (patch)
tree	f14b6050fb356f8e081b5149333a8649a722215c /active/CVE-2024-26782
parent	e2b12639eebeadc5925bec1ffdecf7df5192aace (diff)