Add CVE-2023-52629

author: Salvatore Bonaccorso <carnil@debian.org> 2024-03-29 22:36:53 +0100
committer: Salvatore Bonaccorso <carnil@debian.org> 2024-03-29 22:36:53 +0100
commit: cc8a8d3a6ccf8582e3c4453999c557277063b480 (patch)
tree: 72dedb92a6d22c6beee1650a1dec85de5e081438
parent: d6ae3a1e5ea4c448112aa2a19b1e838dc26fb2cd (diff)
1 files changed, 16 insertions, 0 deletions
diff --git a/active/CVE-2023-52629 b/active/CVE-2023-52629
new file mode 100644
index 00000000..c9d02b35
--- /dev/null
+++ b/active/CVE-2023-52629
@@ -0,0 +1,16 @@
+Description: sh: push-switch: Reorder cleanup operations to avoid use-after-free bug
+References:
+Notes:
+ carnil> Introduced in 9f5e8eee5cfe ("sh: generic push-switch framework."). Vulnerable
+ carnil> versions: 2.6.20-rc1.
+Bugs:
+upstream: released (6.6-rc1) [246f80a0b17f8f582b2c0996db02998239057c65]
+6.7-upstream-stable: N/A "Fixed before branching point"
+6.6-upstream-stable: N/A "Fixed before branching point"
+6.1-upstream-stable: needed
+5.10-upstream-stable: needed
+4.19-upstream-stable: needed
+sid: released (6.5.6-1)
+6.1-bookworm-security: needed
+5.10-bullseye-security: needed
+4.19-buster-security: needed
author	Salvatore Bonaccorso <carnil@debian.org>	2024-03-29 22:36:53 +0100
committer	Salvatore Bonaccorso <carnil@debian.org>	2024-03-29 22:36:53 +0100
commit	cc8a8d3a6ccf8582e3c4453999c557277063b480 (patch)
tree	72dedb92a6d22c6beee1650a1dec85de5e081438
parent	d6ae3a1e5ea4c448112aa2a19b1e838dc26fb2cd (diff)