Retire two CVEs

author: Salvatore Bonaccorso <carnil@debian.org> 2022-01-17 19:39:16 +0100
committer: Salvatore Bonaccorso <carnil@debian.org> 2022-01-17 19:39:16 +0100
commit: 1d38d666c28b2ab722d5f8ab709049f7f71b5774 (patch)
tree: e40b971301ca50fba6a51df1b17068552c199aa3 /retired/CVE-2021-46283
parent: c170db9615edb5e0329be8b9128499d1b4d28afb (diff)
1 files changed, 16 insertions, 0 deletions
diff --git a/retired/CVE-2021-46283 b/retired/CVE-2021-46283
new file mode 100644
index 00000000..15525565
--- /dev/null
+++ b/retired/CVE-2021-46283
@@ -0,0 +1,16 @@
+Description: netfilter: nf_tables: initialize set before expression setup
+References:
+ https://bugzilla.suse.com/show_bug.cgi?id=1194518
+ https://syzkaller.appspot.com/bug?id=22c3987f75a7b90e238a26b5a5920525c2d1f345
+Notes:
+ carnil> Commit fixes 65038428b2c6 ("netfilter: nf_tables: allow to
+ carnil> specify stateful expression in set definition") in 5.7-rc1.
+Bugs:
+upstream: released (5.13-rc7) [ad9f151e560b016b6ad3280b48e42fa11e1a5440]
+5.10-upstream-stable: released (5.10.64) [36983fc2f87ea3b74a33bf460c9ee7329735b7b5]
+4.19-upstream-stable: N/A "Vulnerable code not present"
+4.9-upstream-stable: N/A "Vulnerable code not present"
+sid: released (5.14.6-1)
+5.10-bullseye-security: released (5.10.70-1)
+4.19-buster-security: N/A "Vulnerable code not present"
+4.9-stretch-security: N/A "Vulnerable code not present"
author	Salvatore Bonaccorso <carnil@debian.org>	2022-01-17 19:39:16 +0100
committer	Salvatore Bonaccorso <carnil@debian.org>	2022-01-17 19:39:16 +0100
commit	1d38d666c28b2ab722d5f8ab709049f7f71b5774 (patch)
tree	e40b971301ca50fba6a51df1b17068552c199aa3 /retired/CVE-2021-46283
parent	c170db9615edb5e0329be8b9128499d1b4d28afb (diff)