Add new batch of CVEs assigned from Linux kernel CNA

Manual fixup for the sid version not correctly detecting 6.6.15-1 as the right now and instead using 6.7.7-1 one.
author: Salvatore Bonaccorso <carnil@debian.org> 2024-04-02 10:56:31 +0200
committer: Salvatore Bonaccorso <carnil@debian.org> 2024-04-02 10:56:31 +0200
commit: 394790af91161b751b9411f7737a4207ba5c0b55 (patch)
tree: e24f0764bf786f47a569956869194e71add754ec /active/CVE-2024-26675
parent: 612fa53fe5f7ec56deab8572d3abc0d9f345e3c0 (diff)
1 files changed, 16 insertions, 0 deletions
diff --git a/active/CVE-2024-26675 b/active/CVE-2024-26675
new file mode 100644
index 00000000..7a7dd17e
--- /dev/null
+++ b/active/CVE-2024-26675
@@ -0,0 +1,16 @@
+Description: ppp_async: limit MRU to 64K
+References:
+Notes:
+ carnil> Introduced in 1da177e4c3f4 ("Linux-2.6.12-rc2"). Vulnerable versions:
+ carnil> 2.6.12-rc2^0.
+Bugs:
+upstream: released (6.8-rc4) [cb88cb53badb8aeb3955ad6ce80b07b598e310b8]
+6.7-upstream-stable: released (6.7.5) [210d938f963dddc543b07e66a79b7d8d4bd00bd8]
+6.6-upstream-stable: released (6.6.17) [7e5ef49670766c9742ffcd9cead7cdb018268719]
+6.1-upstream-stable: released (6.1.78) [4e2c4846b2507f6dfc9bea72b7567c2693a82a16]
+5.10-upstream-stable: released (5.10.210) [b06e067e93fa4b98acfd3a9f38a398ab91bbc58b]
+4.19-upstream-stable: released (4.19.307) [4fdb14ba89faff6e6969a4dffdc8e54235d6e5ed]
+sid: released (6.7.7-1)
+6.1-bookworm-security: needed
+5.10-bullseye-security: needed
+4.19-buster-security: needed
author	Salvatore Bonaccorso <carnil@debian.org>	2024-04-02 10:56:31 +0200
committer	Salvatore Bonaccorso <carnil@debian.org>	2024-04-02 10:56:31 +0200
commit	394790af91161b751b9411f7737a4207ba5c0b55 (patch)
tree	e24f0764bf786f47a569956869194e71add754ec /active/CVE-2024-26675
parent	612fa53fe5f7ec56deab8572d3abc0d9f345e3c0 (diff)