Add new batch of CVEs

Fixup for fix in earlier versions as 6.6.15-1 and one N/A as vulnerable code was only introduced in 6.7 series.
author: Salvatore Bonaccorso <carnil@debian.org> 2024-03-18 18:04:48 +0100
committer: Salvatore Bonaccorso <carnil@debian.org> 2024-03-18 18:04:48 +0100
commit: bcd9eccef0863578591f91cfde157a7c1fcf4d9e (patch)
tree: 51bcfe848aef821a7b1a16ad6c272fc86e25630e /active/CVE-2024-26636
parent: 602dff7a3e25bb7b7271a9400d5ff4ce861d05c0 (diff)
1 files changed, 16 insertions, 0 deletions
diff --git a/active/CVE-2024-26636 b/active/CVE-2024-26636
new file mode 100644
index 00000000..a7f69f71
--- /dev/null
+++ b/active/CVE-2024-26636
@@ -0,0 +1,16 @@
+Description: llc: make llc_ui_sendmsg() more robust against bonding changes
+References:
+Notes:
+ carnil> Introduced in 1da177e4c3f4 ("Linux-2.6.12-rc2"). Vulnerable versions:
+ carnil> 2.6.12-rc2^0.
+Bugs:
+upstream: released (6.8-rc2) [dad555c816a50c6a6a8a86be1f9177673918c647]
+6.7-upstream-stable: released (6.7.3) [c451c008f563d56d5e676c9dcafae565fcad84bb]
+6.6-upstream-stable: released (6.6.15) [cafd3ad3fe03ef4d6632747be9ee15dc0029db4b]
+6.1-upstream-stable: released (6.1.76) [6d53b813ff8b177f86f149c2f744442681f720e4]
+5.10-upstream-stable: released (5.10.210) [04f2a74b562f3a7498be0399309669f342793d8c]
+4.19-upstream-stable: released (4.19.307) [84e9d10419f6f4f3f3cd8f9aaf44a48719aa4b1b]
+sid: released (6.6.15-1)
+6.1-bookworm-security: released (6.1.76-1)
+5.10-bullseye-security: needed
+4.19-buster-security: needed
author	Salvatore Bonaccorso <carnil@debian.org>	2024-03-18 18:04:48 +0100
committer	Salvatore Bonaccorso <carnil@debian.org>	2024-03-18 18:04:48 +0100
commit	bcd9eccef0863578591f91cfde157a7c1fcf4d9e (patch)
tree	51bcfe848aef821a7b1a16ad6c272fc86e25630e /active/CVE-2024-26636
parent	602dff7a3e25bb7b7271a9400d5ff4ce861d05c0 (diff)