diff options
author | Salvatore Bonaccorso <carnil@debian.org> | 2024-02-27 22:26:31 +0100 |
---|---|---|
committer | Salvatore Bonaccorso <carnil@debian.org> | 2024-02-27 22:26:31 +0100 |
commit | 2c3627cb43e5f6cfc12ab3a585708270aa17054c (patch) | |
tree | 69306a1794164935af207a5f75e2740cdd611dab | |
parent | 25bf58c72cfeaae58761facec24fc6d99d7bab50 (diff) |
Add CVE-2021-4695{6,7,8}
-rw-r--r-- | active/CVE-2021-46956 | 16 | ||||
-rw-r--r-- | active/CVE-2021-46957 | 16 | ||||
-rw-r--r-- | active/CVE-2021-46958 | 16 |
3 files changed, 48 insertions, 0 deletions
diff --git a/active/CVE-2021-46956 b/active/CVE-2021-46956 new file mode 100644 index 00000000..02cd88f7 --- /dev/null +++ b/active/CVE-2021-46956 @@ -0,0 +1,16 @@ +Description: virtiofs: fix memory leak in virtio_fs_probe() +References: +Notes: + carnil> Introduced in a62a8ef9d97d ("virtio-fs: add virtiofs filesystem"). Vulnerable + carnil> versions: 5.4-rc1. +Bugs: +upstream: released (5.13-rc1) [c79c5e0178922a9e092ec8fed026750f39dcaef4] +6.7-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: N/A "Fixed before branching point" +5.10-upstream-stable: released (5.10.36) [d19555ff225d0896a33246a49279e6d578095f15] +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (5.10.38-1) +6.1-bookworm-security: N/A "Fixed before branching point" +5.10-bullseye-security: N/A "Fixed before branching point" +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/active/CVE-2021-46957 b/active/CVE-2021-46957 new file mode 100644 index 00000000..468ff7b4 --- /dev/null +++ b/active/CVE-2021-46957 @@ -0,0 +1,16 @@ +Description: riscv/kprobe: fix kernel panic when invoking sys_read traced by kprobe +References: +Notes: + carnil> Introduced in c22b0bcb1dd02 ("riscv: Add kprobes supported"). Vulnerable + carnil> versions: 5.12-rc1. +Bugs: +upstream: released (5.13-rc1) [b1ebaa0e1318494a7637099a26add50509e37964] +6.7-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: N/A "Fixed before branching point" +5.10-upstream-stable: N/A "Vulnerable code not present" +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: N/A "Vulnerable code not present" +6.1-bookworm-security: N/A "Fixed before branching point" +5.10-bullseye-security: N/A "Vulnerable code not present" +4.19-buster-security: N/A "Vulnerable code not present" diff --git a/active/CVE-2021-46958 b/active/CVE-2021-46958 new file mode 100644 index 00000000..4cec7d4c --- /dev/null +++ b/active/CVE-2021-46958 @@ -0,0 +1,16 @@ +Description: btrfs: fix race between transaction aborts and fsyncs leading to use-after-free +References: +Notes: + carnil> Introduced in ef67963dac255b ("btrfs: drop logs when we've aborted a + carnil> transaction"). Vulnerable versions: 5.7-rc4. +Bugs: +upstream: released (5.13-rc1) [061dde8245356d8864d29e25207aa4daa0be4d3c] +6.7-upstream-stable: N/A "Fixed before branching point" +6.6-upstream-stable: N/A "Fixed before branching point" +6.1-upstream-stable: N/A "Fixed before branching point" +5.10-upstream-stable: released (5.10.36) [a4794be7b00b7eda4b45fffd283ab7d76df7e5d6] +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (5.10.38-1) +6.1-bookworm-security: N/A "Fixed before branching point" +5.10-bullseye-security: N/A "Fixed before branching point" +4.19-buster-security: N/A "Vulnerable code not present" |