Add new batch of CVEs assigned

author: Salvatore Bonaccorso <carnil@debian.org> 2024-04-04 21:03:24 +0200
committer: Salvatore Bonaccorso <carnil@debian.org> 2024-04-04 21:03:24 +0200
commit: 509a8073b54876c19b79eb622cc24fde0309bb38 (patch)
tree: f14b6050fb356f8e081b5149333a8649a722215c /active/CVE-2024-26792
parent: e2b12639eebeadc5925bec1ffdecf7df5192aace (diff)
1 files changed, 17 insertions, 0 deletions
diff --git a/active/CVE-2024-26792 b/active/CVE-2024-26792
new file mode 100644
index 00000000..e2207df2
--- /dev/null
+++ b/active/CVE-2024-26792
@@ -0,0 +1,17 @@
+Description: btrfs: fix double free of anonymous device after snapshot creation failure
+References:
+Notes:
+ carnil> Introduced in e03ee2fe873e ("btrfs: do not ASSERT() if the newly created
+ carnil> subvolume already got read"). Vulnerable versions: 5.10.210 5.15.149 6.1.79
+ carnil> 6.6.18 6.7.6 6.8-rc4.
+Bugs:
+upstream: released (6.8-rc7) [e2b54eaf28df0c978626c9736b94f003b523b451]
+6.7-upstream-stable: released (6.7.9) [c8ab7521665bd0f8bc4a900244d1d5a7095cc3b9]
+6.6-upstream-stable: released (6.6.21) [eb3441093aad251418921246fc3b224fd1575701]
+6.1-upstream-stable: released (6.1.81) [c34adc20b91a8e55e048b18d63f4f4ae003ecf8f]
+5.10-upstream-stable: needed
+4.19-upstream-stable: N/A "Vulnerable code not present"
+sid: released (6.7.9-1)
+6.1-bookworm-security: needed
+5.10-bullseye-security: needed
+4.19-buster-security: N/A "Vulnerable code not present"
author	Salvatore Bonaccorso <carnil@debian.org>	2024-04-04 21:03:24 +0200
committer	Salvatore Bonaccorso <carnil@debian.org>	2024-04-04 21:03:24 +0200
commit	509a8073b54876c19b79eb622cc24fde0309bb38 (patch)
tree	f14b6050fb356f8e081b5149333a8649a722215c /active/CVE-2024-26792
parent	e2b12639eebeadc5925bec1ffdecf7df5192aace (diff)