summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorSalvatore Bonaccorso <carnil@debian.org>2024-03-01 15:15:53 +0100
committerSalvatore Bonaccorso <carnil@debian.org>2024-03-01 15:15:53 +0100
commit3a986a63a8120ce5be3821cd1cfacd8d3ea9f503 (patch)
treed09964324b3f55e45b0e789b008ccf4e0d0e3984
parent5e57bc76df7c8e611b3ccf59a6bfd75efcc59194 (diff)
Update CVEs after 5.10.211, 6.1.80, 6.6.19 and 6.7.7 release
Diffstat
-rw-r--r--active/CVE-2023-5243411
-rw-r--r--active/CVE-2023-524972
-rw-r--r--active/CVE-2024-265909
-rw-r--r--active/CVE-2024-266012
4 files changed, 15 insertions, 9 deletions
diff --git a/active/CVE-2023-52434 b/active/CVE-2023-52434
index 7bb7d945..359610c2 100644
--- a/active/CVE-2023-52434
+++ b/active/CVE-2023-52434
@@ -2,12 +2,15 @@ Description: smb: client: fix potential OOBs in smb2_parse_contexts()
References:
https://lore.kernel.org/linux-cve-announce/2024022033-makeshift-flammable-cb72@gregkh/
Notes:
+ carnil> First introducing commit could not be determined.
Bugs:
upstream: released (6.7-rc6) [af1689a9b7701d9907dfc84d2a4b57c4bc907144]
+6.7-upstream-stable: N/A "Fixed before branching point"
+6.6-upstream-stable: released (6.6.8) [17a0f64cc02d4972e21c733d9f21d1c512963afa]
6.1-upstream-stable: released (6.1.79) [1ae3c59355dc9882e09c020afe8ffbd895ad0f29]
-5.10-upstream-stable:
-4.19-upstream-stable:
+5.10-upstream-stable: released (5.10.211) [13fb0fc4917621f3dfa285a27eaf7151d770b5e5]
+4.19-upstream-stable: needed
sid: released (6.6.8-1)
6.1-bookworm-security: needed
-5.10-bullseye-security:
-4.19-buster-security:
+5.10-bullseye-security: needed
+4.19-buster-security: needed
diff --git a/active/CVE-2023-52497 b/active/CVE-2023-52497
index fcb3bb9a..6adc6ffc 100644
--- a/active/CVE-2023-52497
+++ b/active/CVE-2023-52497
@@ -10,7 +10,7 @@ upstream: released (6.8-rc1) [3c12466b6b7bf1e56f9b32c366a3d83d87afb4de]
6.7-upstream-stable: released (6.7.3) [bffc4cc334c5bb31ded54bc3cfd651735a3cb79e]
6.6-upstream-stable: released (6.6.15) [f36d200a80a3ca025532ed60dd1ac21b620e14ae]
6.1-upstream-stable: released (6.1.76) [33bf23c9940dbd3a22aad7f0cda4c84ed5701847]
-5.10-upstream-stable: needed
+5.10-upstream-stable: released (5.10.211) [a0180e940cf1aefa7d516e20b259ad34f7a8b379]
4.19-upstream-stable: N/A "Vulnerable code not present"
sid: released (6.6.15-1)
6.1-bookworm-security: released (6.1.76-1)
diff --git a/active/CVE-2024-26590 b/active/CVE-2024-26590
index 422df4bf..1027127a 100644
--- a/active/CVE-2024-26590
+++ b/active/CVE-2024-26590
@@ -1,11 +1,14 @@
Description: erofs: fix inconsistent per-file compression format
References:
Notes:
- carnil> Introduced with 622ceaddb764 ("erofs: lzma compression
- carnil> support") in 5.16-rc1.
+ carnil> Introduced in 8f89926290c4 ("erofs: get compression algorithms directly on
+ carnil> mapping")
+ carnil> 622ceaddb764 ("erofs: lzma compression support"). Vulnerable versions: 5.16-rc1.
Bugs:
upstream: released (6.8-rc1) [118a8cf504d7dfa519562d000f423ee3ca75d2c4]
-6.1-upstream-stable: needed
+6.7-upstream-stable: released (6.7.2) [eed24b816e50c6cd18cbee0ff0d7218c8fced199]
+6.6-upstream-stable: released (6.6.14) [823ba1d2106019ddf195287ba53057aee33cf724]
+6.1-upstream-stable: released (6.1.80) [47467e04816cb297905c0f09bc2d11ef865942d9]
5.10-upstream-stable: N/A "Vulnerable code not present"
4.19-upstream-stable: N/A "Vulnerable code not present"
sid: released (6.6.15-1)
diff --git a/active/CVE-2024-26601 b/active/CVE-2024-26601
index 8628c00c..6b7b278a 100644
--- a/active/CVE-2024-26601
+++ b/active/CVE-2024-26601
@@ -8,7 +8,7 @@ upstream: released (6.8-rc3) [c9b528c35795b711331ed36dc3dbee90d5812d4e]
6.7-upstream-stable: released (6.7.5) [6b0d48647935e4b8c7b75d1eccb9043fcd4ee581]
6.6-upstream-stable: released (6.6.17) [ea42d6cffb0dd27a417f410b9d0011e9859328cb]
6.1-upstream-stable: released (6.1.78) [78327acd4cdc4a1601af718b781eece577b6b7d4]
-5.10-upstream-stable: needed
+5.10-upstream-stable: released (5.10.211) [94ebf71bddbcd4ab1ce43ae32c6cb66396d2d51a]
4.19-upstream-stable: N/A "Vulnerable code not present"
sid: needed
6.1-bookworm-security: needed

© 2014-2024 Faster IT GmbH | imprint | privacy policy