From e027978684deb78966b761664e069b34556a8881 Mon Sep 17 00:00:00 2001 From: Salvatore Bonaccorso Date: Thu, 25 Apr 2024 08:42:19 +0200 Subject: Add newly assigned CVEs from kernel CNA --- active/CVE-2024-26923 | 16 ++++++++++++++++ active/CVE-2024-26924 | 16 ++++++++++++++++ active/CVE-2024-26925 | 16 ++++++++++++++++ active/CVE-2024-26926 | 16 ++++++++++++++++ 4 files changed, 64 insertions(+) create mode 100644 active/CVE-2024-26923 create mode 100644 active/CVE-2024-26924 create mode 100644 active/CVE-2024-26925 create mode 100644 active/CVE-2024-26926 diff --git a/active/CVE-2024-26923 b/active/CVE-2024-26923 new file mode 100644 index 00000000..871599fb --- /dev/null +++ b/active/CVE-2024-26923 @@ -0,0 +1,16 @@ +Description: af_unix: Fix garbage collector racing against connect() +References: +Notes: + carnil> Introduced in 1fd05ba5a2f2 ("[AF_UNIX]: Rewrite garbage collector, fixes + carnil> race."). Vulnerable versions: 2.6.23-rc1. +Bugs: +upstream: released (6.9-rc4) [47d8ac011fe1c9251070e1bd64cb10b48193ec51] +6.8-upstream-stable: released (6.8.7) [dbdf7bec5c920200077d693193f989cb1513f009] +6.6-upstream-stable: released (6.6.28) [507cc232ffe53a352847893f8177d276c3b532a9] +6.1-upstream-stable: released (6.1.87) [b75722be422c276b699200de90527d01c602ea7c] +5.10-upstream-stable: needed +4.19-upstream-stable: needed +sid: needed +6.1-bookworm-security: needed +5.10-bullseye-security: needed +4.19-buster-security: needed diff --git a/active/CVE-2024-26924 b/active/CVE-2024-26924 new file mode 100644 index 00000000..0ac38629 --- /dev/null +++ b/active/CVE-2024-26924 @@ -0,0 +1,16 @@ +Description: netfilter: nft_set_pipapo: do not free live element +References: +Notes: + carnil> Introduced in 3c4287f62044 ("nf_tables: Add set type for arbitrary + carnil> concatenation of ranges"). Vulnerable versions: 5.6-rc1. +Bugs: +upstream: released (6.9-rc5) [3cfc9ec039af60dbd8965ae085b2c2ccdcfbe1cc] +6.8-upstream-stable: needed +6.6-upstream-stable: needed +6.1-upstream-stable: needed +5.10-upstream-stable: needed +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: needed +6.1-bookworm-security: needed +5.10-bullseye-security: needed +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/active/CVE-2024-26925 b/active/CVE-2024-26925 new file mode 100644 index 00000000..7d074641 --- /dev/null +++ b/active/CVE-2024-26925 @@ -0,0 +1,16 @@ +Description: netfilter: nf_tables: release mutex after nft_gc_seq_end from abort path +References: +Notes: + carnil> Introduced in 720344340fb9 ("netfilter: nf_tables: GC transaction race with + carnil> abort path"). Vulnerable versions: 5.4.262 5.10.198 5.15.134 6.1.56 6.4.13 6.5. +Bugs: +upstream: released (6.9-rc3) [0d459e2ffb541841714839e8228b845458ed3b27] +6.8-upstream-stable: released (6.8.5) [a34ba4bdeec0c3b629160497594908dc820110f1] +6.6-upstream-stable: released (6.6.26) [8038ee3c3e5b59bcd78467686db5270c68544e30] +6.1-upstream-stable: released (6.1.86) [8d3a58af50e46167b6f1db47adadad03c0045dae] +5.10-upstream-stable: released (5.10.215) [2cee2ff7f8cce12a63a0a23ffe27f08d99541494] +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: needed +6.1-bookworm-security: needed +5.10-bullseye-security: needed +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/active/CVE-2024-26926 b/active/CVE-2024-26926 new file mode 100644 index 00000000..c8b4d1bd --- /dev/null +++ b/active/CVE-2024-26926 @@ -0,0 +1,16 @@ +Description: binder: check offset alignment in binder_get_object() +References: +Notes: + carnil> Introduced in 6d98eb95b450 ("binder: avoid potential data leakage when copying + carnil> txn"). Vulnerable versions: 5.4.226 5.10.157 5.15.17 5.16.3 5.17-rc1. +Bugs: +upstream: released (6.9-rc5) [aaef73821a3b0194a01bd23ca77774f704a04d40] +6.8-upstream-stable: needed +6.6-upstream-stable: needed +6.1-upstream-stable: needed +5.10-upstream-stable: needed +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: needed +6.1-bookworm-security: needed +5.10-bullseye-security: needed +4.19-buster-security: N/A "Vulnerable code not present" -- cgit v1.2.3