Add batch of CVEs from CNA

author: Salvatore Bonaccorso <carnil@debian.org> 2024-04-17 19:42:10 +0200
committer: Salvatore Bonaccorso <carnil@debian.org> 2024-04-17 19:42:10 +0200
commit: 340814e1a325812027f37a78f5052c8c470caa62 (patch)
tree: 7ef5ef0ab7ed2d3c56b2a1da4e9fb0373757586a /active/CVE-2024-26889
parent: 16ca5f383c524df1ff66a64d96eba1266dd6e1dc (diff)
1 files changed, 18 insertions, 0 deletions
diff --git a/active/CVE-2024-26889 b/active/CVE-2024-26889
new file mode 100644
index 000000000..4ab80371f
--- /dev/null
+++ b/active/CVE-2024-26889
@@ -0,0 +1,18 @@
+Description: Bluetooth: hci_core: Fix possible buffer overflow
+References:
+Notes:
+ carnil> Introduced in dcda165706b9 ("Bluetooth: hci_core: Fix build warnings").
+ carnil> Vulnerable versions: 4.14.328 4.19.297 5.4.259 5.10.199 5.15.137 6.1.60 6.5.9
+ carnil> 6.6-rc5.
+Bugs:
+upstream: released (6.9-rc1) [81137162bfaa7278785b24c1fd2e9e74f082e8e4]
+6.8-upstream-stable: released (6.8.2) [2edce8e9a99dd5e4404259d52e754fdc97fb42c2]
+6.7-upstream-stable: released (6.7.11) [8c28598a2c29201d2ba7fc37539a7d41c264fb10]
+6.6-upstream-stable: released (6.6.23) [a41c8efe659caed0e21422876bbb6b73c15b5244]
+6.1-upstream-stable: released (6.1.83) [68644bf5ec6baaff40fc39b3529c874bfda709bd]
+5.10-upstream-stable: released (5.10.214) [d47e6c1932cee02954ea588c9f09fd5ecefeadfc]
+4.19-upstream-stable: released (4.19.311) [6d5a9d4a7bcbb7534ce45a18a52e7bd23e69d8ac]
+sid: needed
+6.1-bookworm-security: released (6.1.85-1)
+5.10-bullseye-security: needed
+4.19-buster-security: needed
author	Salvatore Bonaccorso <carnil@debian.org>	2024-04-17 19:42:10 +0200
committer	Salvatore Bonaccorso <carnil@debian.org>	2024-04-17 19:42:10 +0200
commit	340814e1a325812027f37a78f5052c8c470caa62 (patch)
tree	7ef5ef0ab7ed2d3c56b2a1da4e9fb0373757586a /active/CVE-2024-26889
parent	16ca5f383c524df1ff66a64d96eba1266dd6e1dc (diff)