Add batch of CVEs from CNA

author: Salvatore Bonaccorso <carnil@debian.org> 2024-04-17 19:42:10 +0200
committer: Salvatore Bonaccorso <carnil@debian.org> 2024-04-17 19:42:10 +0200
commit: 340814e1a325812027f37a78f5052c8c470caa62 (patch)
tree: 7ef5ef0ab7ed2d3c56b2a1da4e9fb0373757586a /active/CVE-2024-26906
parent: 16ca5f383c524df1ff66a64d96eba1266dd6e1dc (diff)
1 files changed, 16 insertions, 0 deletions
diff --git a/active/CVE-2024-26906 b/active/CVE-2024-26906
new file mode 100644
index 000000000..6be727234
--- /dev/null
+++ b/active/CVE-2024-26906
@@ -0,0 +1,16 @@
+Description: x86/mm: Disallow vsyscall page read for copy_from_kernel_nofault()
+References:
+Notes:
+ carnil> First introducing commit could not be determined.
+Bugs:
+upstream: released (6.8-rc6) [32019c659ecfe1d92e3bf9fcdfbb11a7c70acd58]
+6.8-upstream-stable: N/A "Fixed before branching point"
+6.7-upstream-stable: released (6.7.11) [29bd6f86904682adafe9affbc7f79b14defcaff8]
+6.6-upstream-stable: released (6.6.23) [57f78c46f08198e1be08ffe99c4c1ccc12855bf5]
+6.1-upstream-stable: released (6.1.83) [f175de546a3eb77614d94d4c02550181c0a8493e]
+5.10-upstream-stable: released (5.10.214) [6e4694e65b6db4c3de125115dd4f55848cc48381]
+4.19-upstream-stable: needed
+sid: needed
+6.1-bookworm-security: released (6.1.85-1)
+5.10-bullseye-security: needed
+4.19-buster-security: needed
author	Salvatore Bonaccorso <carnil@debian.org>	2024-04-17 19:42:10 +0200
committer	Salvatore Bonaccorso <carnil@debian.org>	2024-04-17 19:42:10 +0200
commit	340814e1a325812027f37a78f5052c8c470caa62 (patch)
tree	7ef5ef0ab7ed2d3c56b2a1da4e9fb0373757586a /active/CVE-2024-26906
parent	16ca5f383c524df1ff66a64d96eba1266dd6e1dc (diff)