Add batch of CVEs

author: Salvatore Bonaccorso <carnil@debian.org> 2024-02-28 14:17:38 +0100
committer: Salvatore Bonaccorso <carnil@debian.org> 2024-02-28 14:17:38 +0100
commit: 96eb71c2764b6a2a7eebf2a2857b79f63ab11ab8 (patch)
tree: 200ad73aeb963037b49c68a73dd052dbcdc23a49 /active/CVE-2021-47036
parent: 27d479cc385da9a8bd22874dd4a098a4b0190950 (diff)
1 files changed, 17 insertions, 0 deletions
diff --git a/active/CVE-2021-47036 b/active/CVE-2021-47036
new file mode 100644
index 00000000..0b9264a9
--- /dev/null
+++ b/active/CVE-2021-47036
@@ -0,0 +1,17 @@
+Description: udp: skip L4 aggregation for UDP tunnel packets
+References:
+Notes:
+ carnil> Introduced in 9fd1ff5d2ac7 ("udp: Support UDP fraglist GRO/GSO.")
+ carnil> 36707061d6ba ("udp: allow forwarding of plain (non-fraglisted) UDP GRO
+ carnil> packets"). Vulnerable versions: 5.6-rc1 5.12-rc1.
+Bugs:
+upstream: released (5.13-rc1) [18f25dc399901426dff61e676ba603ff52c666f7]
+6.7-upstream-stable: N/A "Fixed before branching point"
+6.6-upstream-stable: N/A "Fixed before branching point"
+6.1-upstream-stable: N/A "Fixed before branching point"
+5.10-upstream-stable: needed
+4.19-upstream-stable: N/A "Vulnerable code not present"
+sid: released (5.14.6-1)
+6.1-bookworm-security: N/A "Fixed before branching point"
+5.10-bullseye-security: needed
+4.19-buster-security: N/A "Vulnerable code not present"
author	Salvatore Bonaccorso <carnil@debian.org>	2024-02-28 14:17:38 +0100
committer	Salvatore Bonaccorso <carnil@debian.org>	2024-02-28 14:17:38 +0100
commit	96eb71c2764b6a2a7eebf2a2857b79f63ab11ab8 (patch)
tree	200ad73aeb963037b49c68a73dd052dbcdc23a49 /active/CVE-2021-47036
parent	27d479cc385da9a8bd22874dd4a098a4b0190950 (diff)