Add new batch of CVEs assigned

author: Salvatore Bonaccorso <carnil@debian.org> 2024-04-04 21:03:24 +0200
committer: Salvatore Bonaccorso <carnil@debian.org> 2024-04-04 21:03:24 +0200
commit: 509a8073b54876c19b79eb622cc24fde0309bb38 (patch)
tree: f14b6050fb356f8e081b5149333a8649a722215c /active/CVE-2024-26793
parent: e2b12639eebeadc5925bec1ffdecf7df5192aace (diff)
1 files changed, 16 insertions, 0 deletions
diff --git a/active/CVE-2024-26793 b/active/CVE-2024-26793
new file mode 100644
index 000000000..8b63ba8f5
--- /dev/null
+++ b/active/CVE-2024-26793
@@ -0,0 +1,16 @@
+Description: gtp: fix use-after-free and null-ptr-deref in gtp_newlink()
+References:
+Notes:
+ carnil> Introduced in 459aa660eb1d ("gtp: add initial driver for datapath of GPRS
+ carnil> Tunneling Protocol (GTP-U)"). Vulnerable versions: 4.7-rc1.
+Bugs:
+upstream: released (6.8-rc7) [616d82c3cfa2a2146dd7e3ae47bda7e877ee549e]
+6.7-upstream-stable: released (6.7.9) [5366969a19a8a0d2ffb3d27ef6e8905e5e4216f8]
+6.6-upstream-stable: released (6.6.21) [93dd420bc41531c9a31498b9538ca83ba6ec191e]
+6.1-upstream-stable: released (6.1.81) [abd32d7f5c0294c1b2454c5a3b13b18446bac627]
+5.10-upstream-stable: released (5.10.212) [e668b92a3a01429923fd5ca13e99642aab47de69]
+4.19-upstream-stable: released (4.19.309) [01129059d5141d62fae692f7a336ae3bc712d3eb]
+sid: released (6.7.9-1)
+6.1-bookworm-security: needed
+5.10-bullseye-security: needed
+4.19-buster-security: needed
author	Salvatore Bonaccorso <carnil@debian.org>	2024-04-04 21:03:24 +0200
committer	Salvatore Bonaccorso <carnil@debian.org>	2024-04-04 21:03:24 +0200
commit	509a8073b54876c19b79eb622cc24fde0309bb38 (patch)
tree	f14b6050fb356f8e081b5149333a8649a722215c /active/CVE-2024-26793
parent	e2b12639eebeadc5925bec1ffdecf7df5192aace (diff)