summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorSalvatore Bonaccorso <carnil@debian.org>2022-01-11 07:39:51 +0100
committerSalvatore Bonaccorso <carnil@debian.org>2022-01-11 07:41:54 +0100
commit7a966e268725b21b4068b019725e4c32720aed21 (patch)
tree4f96759b7b2f3b097959592d25e057b67fabc9dc
parenta56f9ea7fbe55ec9a2525757206816814d55b436 (diff)
Add CVE-2021-4203
-rw-r--r--active/CVE-2021-420317
1 files changed, 17 insertions, 0 deletions
diff --git a/active/CVE-2021-4203 b/active/CVE-2021-4203
new file mode 100644
index 00000000..123a730d
--- /dev/null
+++ b/active/CVE-2021-4203
@@ -0,0 +1,17 @@
+Description: af_unix: fix races in sk_peer_pid and sk_peer_cred accesses
+References:
+ https://bugzilla.redhat.com/show_bug.cgi?id=2036934
+ https://lore.kernel.org/netdev/20210929225750.2548112-1-eric.dumazet@gmail.com/T/
+ https://bugs.chromium.org/p/project-zero/issues/detail?id=2230
+Notes:
+ carnil> Commit fixes 109f6e39fa07 ("af_unix: Allow SO_PEERCRED to work
+ carnil> across namespaces.").
+Bugs:
+upstream: released (5.15-rc4) [35306eb23814444bd4021f8a1c3047d3cb0c8b2b]
+5.10-upstream-stable: released (5.10.71) [3db53827a0e9130d9e2cbe3c3b5bca601caa4c74]
+4.19-upstream-stable: released (4.19.209) [0512a9aede6e4417c4fa6e0042a7ca8bc7e06b86]
+4.9-upstream-stable: released (4.9.286) [09818f629bafbe20e24bac919019853ea3ac5ca4]
+sid: released (5.14.12-1)
+5.10-bullseye-security: released (5.10.84-1)
+4.19-buster-security: needed
+4.9-stretch-security: released (4.9.290-1)

© 2014-2024 Faster IT GmbH | imprint | privacy policy