Add batch of CVEs from CNA

author: Salvatore Bonaccorso <carnil@debian.org> 2024-04-17 19:42:10 +0200
committer: Salvatore Bonaccorso <carnil@debian.org> 2024-04-17 19:42:10 +0200
commit: 340814e1a325812027f37a78f5052c8c470caa62 (patch)
tree: 7ef5ef0ab7ed2d3c56b2a1da4e9fb0373757586a /active/CVE-2024-26884
parent: 16ca5f383c524df1ff66a64d96eba1266dd6e1dc (diff)
1 files changed, 17 insertions, 0 deletions
diff --git a/active/CVE-2024-26884 b/active/CVE-2024-26884
new file mode 100644
index 000000000..fa4b4e667
--- /dev/null
+++ b/active/CVE-2024-26884
@@ -0,0 +1,17 @@
+Description: bpf: Fix hashtab overflow check on 32-bit arches
+References:
+Notes:
+ carnil> Introduced in daaf427c6ab3 ("bpf: fix arraymap NULL deref and missing overflow
+ carnil> and zero size checks"). Vulnerable versions: 3.19-rc1.
+Bugs:
+upstream: released (6.9-rc1) [6787d916c2cf9850c97a0a3f73e08c43e7d973b1]
+6.8-upstream-stable: released (6.8.2) [a6fa75b5096c0f9826a4fabe22d907b0a5bb1016]
+6.7-upstream-stable: released (6.7.11) [d817f0d34d927f2deb17dadbfe212c9a6a32ac3e]
+6.6-upstream-stable: released (6.6.23) [8435f0961bf3dc65e204094349bd9aeaac1f8868]
+6.1-upstream-stable: released (6.1.83) [a83fdaeaea3677b83a53f72ace2d73a19bcd6d93]
+5.10-upstream-stable: released (5.10.214) [64f00b4df0597590b199b62a37a165473bf658a6]
+4.19-upstream-stable: released (4.19.311) [33ec04cadb77605b71d9298311919303d390c4d5]
+sid: needed
+6.1-bookworm-security: released (6.1.85-1)
+5.10-bullseye-security: needed
+4.19-buster-security: needed
author	Salvatore Bonaccorso <carnil@debian.org>	2024-04-17 19:42:10 +0200
committer	Salvatore Bonaccorso <carnil@debian.org>	2024-04-17 19:42:10 +0200
commit	340814e1a325812027f37a78f5052c8c470caa62 (patch)
tree	7ef5ef0ab7ed2d3c56b2a1da4e9fb0373757586a /active/CVE-2024-26884
parent	16ca5f383c524df1ff66a64d96eba1266dd6e1dc (diff)