Add batch of CVEs from CNA

author: Salvatore Bonaccorso <carnil@debian.org> 2024-04-17 19:42:10 +0200
committer: Salvatore Bonaccorso <carnil@debian.org> 2024-04-17 19:42:10 +0200
commit: 340814e1a325812027f37a78f5052c8c470caa62 (patch)
tree: 7ef5ef0ab7ed2d3c56b2a1da4e9fb0373757586a /active/CVE-2024-26875
parent: 16ca5f383c524df1ff66a64d96eba1266dd6e1dc (diff)
1 files changed, 17 insertions, 0 deletions
diff --git a/active/CVE-2024-26875 b/active/CVE-2024-26875
new file mode 100644
index 00000000..87159ce2
--- /dev/null
+++ b/active/CVE-2024-26875
@@ -0,0 +1,17 @@
+Description: media: pvrusb2: fix uaf in pvr2_context_set_notify
+References:
+Notes:
+ carnil> Introduced in e5be15c63804 ("V4L/DVB (7711): pvrusb2: Fix race on module
+ carnil> unload"). Vulnerable versions: 2.6.26-rc1.
+Bugs:
+upstream: released (6.9-rc1) [0a0b79ea55de8514e1750884e5fec77f9fdd01ee]
+6.8-upstream-stable: released (6.8.2) [eaa410e05bdf562c90b23cdf2d9327f9c4625e16]
+6.7-upstream-stable: released (6.7.11) [40cd818fae875c424a8335009db33c7b5a07de3a]
+6.6-upstream-stable: released (6.6.23) [8e60b99f6b7ccb3badeb512f5eb613ad45904592]
+6.1-upstream-stable: released (6.1.83) [3a1ec89708d2e57e2712f46241282961b1a7a475]
+5.10-upstream-stable: released (5.10.214) [ab896d93fd6a2cd1afeb034c3cc9226cb499209f]
+4.19-upstream-stable: released (4.19.311) [ed8000e1e8e9684ab6c30cf2b526c0cea039929c]
+sid: needed
+6.1-bookworm-security: released (6.1.85-1)
+5.10-bullseye-security: needed
+4.19-buster-security: needed
author	Salvatore Bonaccorso <carnil@debian.org>	2024-04-17 19:42:10 +0200
committer	Salvatore Bonaccorso <carnil@debian.org>	2024-04-17 19:42:10 +0200
commit	340814e1a325812027f37a78f5052c8c470caa62 (patch)
tree	7ef5ef0ab7ed2d3c56b2a1da4e9fb0373757586a /active/CVE-2024-26875
parent	16ca5f383c524df1ff66a64d96eba1266dd6e1dc (diff)