Add CVE-2023-39198

author: Salvatore Bonaccorso <carnil@debian.org> 2023-11-09 21:50:25 +0100
committer: Salvatore Bonaccorso <carnil@debian.org> 2023-11-09 21:50:25 +0100
commit: 5e855f2ac2cfbebf82aad6d1c8ef7fa9f26f1ef7 (patch)
tree: 127c8c5a63efa29123f3e5443edb466c9a5ee586 /active/CVE-2023-39198
parent: f5448dc8b5238810fd999811bb8f2005286ec11d (diff)
1 files changed, 13 insertions, 0 deletions
diff --git a/active/CVE-2023-39198 b/active/CVE-2023-39198
new file mode 100644
index 00000000..36e78783
--- /dev/null
+++ b/active/CVE-2023-39198
@@ -0,0 +1,13 @@
+Description: drm/qxl: fix UAF on handle creation
+References:
+ https://www.zerodayinitiative.com/advisories/ZDI-CAN-20940/
+Notes:
+Bugs:
+upstream: released (6.5-rc7) [c611589b4259ed63b9b77be6872b1ce07ec0ac16]
+6.1-upstream-stable: released (6.1.47) [a1fa8f0fc58e0ec972f718030710efc442d7304b]
+5.10-upstream-stable:
+4.19-upstream-stable:
+sid: released (6.4.13-1)
+6.1-bookworm-security: released (6.1.52-1)
+5.10-bullseye-security:
+4.19-buster-security:
author	Salvatore Bonaccorso <carnil@debian.org>	2023-11-09 21:50:25 +0100
committer	Salvatore Bonaccorso <carnil@debian.org>	2023-11-09 21:50:25 +0100
commit	5e855f2ac2cfbebf82aad6d1c8ef7fa9f26f1ef7 (patch)
tree	127c8c5a63efa29123f3e5443edb466c9a5ee586 /active/CVE-2023-39198
parent	f5448dc8b5238810fd999811bb8f2005286ec11d (diff)