Add batch of CVEs from CNA

author: Salvatore Bonaccorso <carnil@debian.org> 2024-04-17 19:42:10 +0200
committer: Salvatore Bonaccorso <carnil@debian.org> 2024-04-17 19:42:10 +0200
commit: 340814e1a325812027f37a78f5052c8c470caa62 (patch)
tree: 7ef5ef0ab7ed2d3c56b2a1da4e9fb0373757586a /active/CVE-2024-26910
parent: 16ca5f383c524df1ff66a64d96eba1266dd6e1dc (diff)
1 files changed, 18 insertions, 0 deletions
diff --git a/active/CVE-2024-26910 b/active/CVE-2024-26910
new file mode 100644
index 00000000..0d84cac1
--- /dev/null
+++ b/active/CVE-2024-26910
@@ -0,0 +1,18 @@
+Description: netfilter: ipset: fix performance regression in swap operation
+References:
+Notes:
+ carnil> Introduced in 28628fa952fe ("netfilter: ipset: fix race condition between
+ carnil> swap/destroy and kernel side add/del/test"). Vulnerable versions: 4.19.302
+ carnil> 5.4.264 5.10.204 5.15.143 6.1.68 6.6.7 6.7-rc2.
+Bugs:
+upstream: released (6.8-rc3) [97f7cf1cd80eeed3b7c808b7c12463295c751001]
+6.8-upstream-stable: N/A "Fixed before branching point"
+6.7-upstream-stable: released (6.7.6) [970709a67696b100a57b33af1a3d75fc34b747eb]
+6.6-upstream-stable: released (6.6.18) [b93a6756a01f4fd2f329a39216f9824c56a66397]
+6.1-upstream-stable: released (6.1.79) [653bc5e6d9995d7d5f497c665b321875a626161c]
+5.10-upstream-stable: released (5.10.210) [a24d5f2ac8ef702a58e55ec276aad29b4bd97e05]
+4.19-upstream-stable: needed
+sid: released (6.7.7-1)
+6.1-bookworm-security: released (6.1.82-1)
+5.10-bullseye-security: needed
+4.19-buster-security: needed
author	Salvatore Bonaccorso <carnil@debian.org>	2024-04-17 19:42:10 +0200
committer	Salvatore Bonaccorso <carnil@debian.org>	2024-04-17 19:42:10 +0200
commit	340814e1a325812027f37a78f5052c8c470caa62 (patch)
tree	7ef5ef0ab7ed2d3c56b2a1da4e9fb0373757586a /active/CVE-2024-26910
parent	16ca5f383c524df1ff66a64d96eba1266dd6e1dc (diff)