Add batch of CVEs from CNA

author: Salvatore Bonaccorso <carnil@debian.org> 2024-04-17 19:42:10 +0200
committer: Salvatore Bonaccorso <carnil@debian.org> 2024-04-17 19:42:10 +0200
commit: 340814e1a325812027f37a78f5052c8c470caa62 (patch)
tree: 7ef5ef0ab7ed2d3c56b2a1da4e9fb0373757586a /active/CVE-2024-26860
parent: 16ca5f383c524df1ff66a64d96eba1266dd6e1dc (diff)
1 files changed, 17 insertions, 0 deletions
diff --git a/active/CVE-2024-26860 b/active/CVE-2024-26860
new file mode 100644
index 00000000..579360f7
--- /dev/null
+++ b/active/CVE-2024-26860
@@ -0,0 +1,17 @@
+Description: dm-integrity: fix a memory leak when rechecking the data
+References:
+Notes:
+ carnil> Introduced in c88f5e553fe3 ("dm-integrity: recheck the integrity tag after a
+ carnil> failure"). Vulnerable versions: 6.1.80 6.6.19 6.7.7 6.8-rc6.
+Bugs:
+upstream: released (6.9-rc1) [55e565c42dce81a4e49c13262d5bc4eb4c2e588a]
+6.8-upstream-stable: released (6.8.2) [6d35654f03c35c273240d85ec67e3f2c3596c4e0]
+6.7-upstream-stable: released (6.7.11) [74abc2fe09691f3d836d8a54d599ca71f1e4287b]
+6.6-upstream-stable: released (6.6.23) [338580a7fb9b0930bb38098007e89cc0fc496bf7]
+6.1-upstream-stable: released (6.1.83) [20e21c3c0195d915f33bc7321ee6b362177bf5bf]
+5.10-upstream-stable: N/A "Vulnerable code not present"
+4.19-upstream-stable: N/A "Vulnerable code not present"
+sid: needed
+6.1-bookworm-security: released (6.1.85-1)
+5.10-bullseye-security: N/A "Vulnerable code not present"
+4.19-buster-security: N/A "Vulnerable code not present"
author	Salvatore Bonaccorso <carnil@debian.org>	2024-04-17 19:42:10 +0200
committer	Salvatore Bonaccorso <carnil@debian.org>	2024-04-17 19:42:10 +0200
commit	340814e1a325812027f37a78f5052c8c470caa62 (patch)
tree	7ef5ef0ab7ed2d3c56b2a1da4e9fb0373757586a /active/CVE-2024-26860
parent	16ca5f383c524df1ff66a64d96eba1266dd6e1dc (diff)