Add one CVE assigned

author: Salvatore Bonaccorso <carnil@debian.org> 2024-04-18 14:10:49 +0200
committer: Salvatore Bonaccorso <carnil@debian.org> 2024-04-18 14:10:49 +0200
commit: bdc9c973e22cbff40e1ed1fd0ac9b3e9a403cff3 (patch)
tree: b8ced9617d63acd6b7d27742089a27f27224638d
parent: 340814e1a325812027f37a78f5052c8c470caa62 (diff)
1 files changed, 17 insertions, 0 deletions
diff --git a/active/CVE-2024-26921 b/active/CVE-2024-26921
new file mode 100644
index 00000000..5de68880
--- /dev/null
+++ b/active/CVE-2024-26921
@@ -0,0 +1,17 @@
+Description: inet: inet_defrag: prevent sk release while still in use
+References:
+Notes:
+ carnil> Introduced in 7026b1ddb6b8 ("netfilter: Pass socket pointer down through
+ carnil> okfn()."). Vulnerable versions: 4.1-rc1.
+Bugs:
+upstream: released (6.9-rc2) [18685451fc4e546fc0e718580d32df3c0e5c8272]
+6.8-upstream-stable: released (6.8.5) [e09cbe017311508c21e0739e97198a8388b98981]
+6.7-upstream-stable: needed
+6.6-upstream-stable: released (6.6.26) [f4877225313d474659ee53150ccc3d553a978727]
+6.1-upstream-stable: released (6.1.85) [7d0567842b78390dd9b60f00f1d8f838d540e325]
+5.10-upstream-stable: needed
+4.19-upstream-stable: needed
+sid: needed
+6.1-bookworm-security: released (6.1.85-1)
+5.10-bullseye-security: needed
+4.19-buster-security: needed
author	Salvatore Bonaccorso <carnil@debian.org>	2024-04-18 14:10:49 +0200
committer	Salvatore Bonaccorso <carnil@debian.org>	2024-04-18 14:10:49 +0200
commit	bdc9c973e22cbff40e1ed1fd0ac9b3e9a403cff3 (patch)
tree	b8ced9617d63acd6b7d27742089a27f27224638d
parent	340814e1a325812027f37a78f5052c8c470caa62 (diff)