Add batch of CVEs from CNA

author: Salvatore Bonaccorso <carnil@debian.org> 2024-04-17 19:42:10 +0200
committer: Salvatore Bonaccorso <carnil@debian.org> 2024-04-17 19:42:10 +0200
commit: 340814e1a325812027f37a78f5052c8c470caa62 (patch)
tree: 7ef5ef0ab7ed2d3c56b2a1da4e9fb0373757586a /active/CVE-2024-26895
parent: 16ca5f383c524df1ff66a64d96eba1266dd6e1dc (diff)
1 files changed, 17 insertions, 0 deletions
diff --git a/active/CVE-2024-26895 b/active/CVE-2024-26895
new file mode 100644
index 000000000..1a186319b
--- /dev/null
+++ b/active/CVE-2024-26895
@@ -0,0 +1,17 @@
+Description: wifi: wilc1000: prevent use-after-free on vif when cleaning up all interfaces
+References:
+Notes:
+ carnil> Introduced in 8399918f3056 ("staging: wilc1000: use RCU list to maintain vif
+ carnil> interfaces list"). Vulnerable versions: 5.5-rc1.
+Bugs:
+upstream: released (6.9-rc1) [cb5942b77c05d54310a0420cac12935e9b6aa21c]
+6.8-upstream-stable: released (6.8.2) [73a2aa0aef86c2c07be5a2f42c9e6047e1a2f7bb]
+6.7-upstream-stable: released (6.7.11) [24228dcf1d30c2231caa332be7d3090ac59fbfe9]
+6.6-upstream-stable: released (6.6.23) [3da9d32b7f4a1a9f7e4bb15bb82f2b2dd6719447]
+6.1-upstream-stable: released (6.1.83) [a9545af2a533739ffb64d6c9a6fec6f13e2b505f]
+5.10-upstream-stable: released (5.10.214) [5956f4203b6cdd0755bbdd21b45f3933c7026208]
+4.19-upstream-stable: N/A "Vulnerable code not present"
+sid: needed
+6.1-bookworm-security: released (6.1.85-1)
+5.10-bullseye-security: needed
+4.19-buster-security: N/A "Vulnerable code not present"
author	Salvatore Bonaccorso <carnil@debian.org>	2024-04-17 19:42:10 +0200
committer	Salvatore Bonaccorso <carnil@debian.org>	2024-04-17 19:42:10 +0200
commit	340814e1a325812027f37a78f5052c8c470caa62 (patch)
tree	7ef5ef0ab7ed2d3c56b2a1da4e9fb0373757586a /active/CVE-2024-26895
parent	16ca5f383c524df1ff66a64d96eba1266dd6e1dc (diff)