diff options
author | Salvatore Bonaccorso <carnil@debian.org> | 2024-02-20 23:17:35 +0100 |
---|---|---|
committer | Salvatore Bonaccorso <carnil@debian.org> | 2024-02-20 23:17:35 +0100 |
commit | a9846882933a665a393defabda77e2a599c0a021 (patch) | |
tree | 8e97a37c88412b1b6e5baee4583bf038a5c0cf87 /retired | |
parent | e5db6f266fde91722863c1a2ff3f3665d36a1501 (diff) |
Retire some CVEs
Diffstat (limited to 'retired')
-rw-r--r-- | retired/CVE-2023-52433 | 17 | ||||
-rw-r--r-- | retired/CVE-2023-52438 | 15 | ||||
-rw-r--r-- | retired/CVE-2024-25744 | 12 |
3 files changed, 44 insertions, 0 deletions
diff --git a/retired/CVE-2023-52433 b/retired/CVE-2023-52433 new file mode 100644 index 00000000..dab95f09 --- /dev/null +++ b/retired/CVE-2023-52433 @@ -0,0 +1,17 @@ +Description: netfilter: nft_set_rbtree: skip sync GC for new elements in this transaction +References: + https://lore.kernel.org/linux-cve-announce/2024022058-outsell-equator-e1c5@gregkh/ +Notes: + carnil> Introduced with f6c383b8c31a ("netfilter: nf_tables: adapt set + carnil> backend to use GC transaction API") in 6.5-rc5 which got + carnil> backported to 5.10.198, 6.1.56 and 6.4.11. But for 5.10.y and + carnil> 6.1.y fixed in the same upstream version along. +Bugs: +upstream: released (6.6-rc1) [2ee52ae94baabf7ee09cf2a8d854b990dac5d0e4] +6.1-upstream-stable: N/A "Vulnerable code not present" +5.10-upstream-stable: N/A "Vulnerable code not present" +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (6.5.6-1) +6.1-bookworm-security: N/A "Vulnerable code not present" +5.10-bullseye-security: N/A "Vulnerable code not present" +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/retired/CVE-2023-52438 b/retired/CVE-2023-52438 new file mode 100644 index 00000000..f499922c --- /dev/null +++ b/retired/CVE-2023-52438 @@ -0,0 +1,15 @@ +Description: binder: fix use-after-free in shinker's callback +References: + https://lore.kernel.org/linux-cve-announce/2024022017-slit-wish-e5d7@gregkh/ +Notes: + carnil> Commit fixes dd2283f2605e ("mm: mmap: zap pages with read + carnil> mmap_sem in munmap") in 4.20-rc1. +Bugs: +upstream: released (6.8-rc1) [3f489c2067c5824528212b0fc18b28d51332d906] +6.1-upstream-stable: released (6.1.74) [9fa04c93f24138747807fe75b5591bb680098f56] +5.10-upstream-stable: released (5.10.209) [c8c1158ffb007197f31f9d9170cf13e4f34cbb5c] +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (6.6.13-1) +6.1-bookworm-security: released (6.1.76-1) +5.10-bullseye-security: released (5.10.209-1) +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/retired/CVE-2024-25744 b/retired/CVE-2024-25744 new file mode 100644 index 00000000..fad18842 --- /dev/null +++ b/retired/CVE-2024-25744 @@ -0,0 +1,12 @@ +Description: x86/coco: Disable 32-bit emulation by default on TDX and SEV +References: +Notes: +Bugs: +upstream: released (6.7-rc5) [b82a8dbd3d2f4563156f7150c6f2ecab6e960b30] +6.1-upstream-stable: released (6.1.68) [b8ec27ae221eee458b15b700706db311474ac619] +5.10-upstream-stable: N/A "Vulnerable code not present" +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (6.6.8-1) +6.1-bookworm-security: released (6.1.69-1) +5.10-bullseye-security: N/A "Vulnerable code not present" +4.19-buster-security: N/A "Vulnerable code not present" |