Add batch of CVEs from CNA

author: Salvatore Bonaccorso <carnil@debian.org> 2024-04-17 19:42:10 +0200
committer: Salvatore Bonaccorso <carnil@debian.org> 2024-04-17 19:42:10 +0200
commit: 340814e1a325812027f37a78f5052c8c470caa62 (patch)
tree: 7ef5ef0ab7ed2d3c56b2a1da4e9fb0373757586a /active/CVE-2024-26897
parent: 16ca5f383c524df1ff66a64d96eba1266dd6e1dc (diff)
1 files changed, 18 insertions, 0 deletions
diff --git a/active/CVE-2024-26897 b/active/CVE-2024-26897
new file mode 100644
index 00000000..9bc39458
--- /dev/null
+++ b/active/CVE-2024-26897
@@ -0,0 +1,18 @@
+Description: wifi: ath9k: delay all of ath9k_wmi_event_tasklet() until init is complete
+References:
+Notes:
+ carnil> Introduced in 8b3046abc99e ("ath9k_htc: fix NULL pointer dereference at
+ carnil> ath9k_htc_tx_get_packet()"). Vulnerable versions: 5.10.136 5.15.17 5.16.3
+ carnil> 5.17-rc1.
+Bugs:
+upstream: released (6.9-rc1) [24355fcb0d4cbcb6ddda262596558e8cfba70f11]
+6.8-upstream-stable: released (6.8.2) [4afa0246656d5680c8a4c3fb37ba6570c4ab819b]
+6.7-upstream-stable: released (6.7.11) [ac90e22e735bac44f74b5161fb096fbeb0ff8bc2]
+6.6-upstream-stable: released (6.6.23) [a015fbf698c8957aa5fbeefc5c59dd2cf3107298]
+6.1-upstream-stable: released (6.1.83) [74d0639261dd795dce958d1b14815bdcbb48a715]
+5.10-upstream-stable: released (5.10.214) [1bc5461a21c56a36e2a7d81e152b90ce019a3905]
+4.19-upstream-stable: N/A "Vulnerable code not present"
+sid: needed
+6.1-bookworm-security: released (6.1.85-1)
+5.10-bullseye-security: needed
+4.19-buster-security: N/A "Vulnerable code not present"
author	Salvatore Bonaccorso <carnil@debian.org>	2024-04-17 19:42:10 +0200
committer	Salvatore Bonaccorso <carnil@debian.org>	2024-04-17 19:42:10 +0200
commit	340814e1a325812027f37a78f5052c8c470caa62 (patch)
tree	7ef5ef0ab7ed2d3c56b2a1da4e9fb0373757586a /active/CVE-2024-26897
parent	16ca5f383c524df1ff66a64d96eba1266dd6e1dc (diff)