Add batch of CVEs from CNA

author: Salvatore Bonaccorso <carnil@debian.org> 2024-04-17 19:42:10 +0200
committer: Salvatore Bonaccorso <carnil@debian.org> 2024-04-17 19:42:10 +0200
commit: 340814e1a325812027f37a78f5052c8c470caa62 (patch)
tree: 7ef5ef0ab7ed2d3c56b2a1da4e9fb0373757586a /active/CVE-2024-26859
parent: 16ca5f383c524df1ff66a64d96eba1266dd6e1dc (diff)
1 files changed, 17 insertions, 0 deletions
diff --git a/active/CVE-2024-26859 b/active/CVE-2024-26859
new file mode 100644
index 00000000..0d8961c4
--- /dev/null
+++ b/active/CVE-2024-26859
@@ -0,0 +1,17 @@
+Description: net/bnx2x: Prevent access to a freed page in page_pool
+References:
+Notes:
+ carnil> Introduced in 4cace675d687 ("bnx2x: Alloc 4k fragment for each rx ring buffer
+ carnil> element"). Vulnerable versions: 4.2-rc1.
+Bugs:
+upstream: released (6.9-rc1) [d27e2da94a42655861ca4baea30c8cd65546f25d]
+6.8-upstream-stable: released (6.8.2) [44f9f1abb0ecc43023225ab9539167facbabf0ec]
+6.7-upstream-stable: released (6.7.11) [c51f8b6930db3f259b8820b589f2459d2df3fc68]
+6.6-upstream-stable: released (6.6.23) [3a9f78b297e08ca8e88ae3ecff1f6fe2766dc5eb]
+6.1-upstream-stable: released (6.1.83) [cf7d8cba639ae792a42c2a137b495eac262ac36c]
+5.10-upstream-stable: released (5.10.214) [8eebff95ce9558be66a36aa7cfb43223f3ab4699]
+4.19-upstream-stable: released (4.19.311) [7bcc090c81116c66936a7415f2c6b1483a4bcfd9]
+sid: needed
+6.1-bookworm-security: released (6.1.85-1)
+5.10-bullseye-security: needed
+4.19-buster-security: needed
author	Salvatore Bonaccorso <carnil@debian.org>	2024-04-17 19:42:10 +0200
committer	Salvatore Bonaccorso <carnil@debian.org>	2024-04-17 19:42:10 +0200
commit	340814e1a325812027f37a78f5052c8c470caa62 (patch)
tree	7ef5ef0ab7ed2d3c56b2a1da4e9fb0373757586a /active/CVE-2024-26859
parent	16ca5f383c524df1ff66a64d96eba1266dd6e1dc (diff)