Retire some CVEs

author: Salvatore Bonaccorso <carnil@debian.org> 2024-03-15 21:54:52 +0100
committer: Salvatore Bonaccorso <carnil@debian.org> 2024-03-15 21:54:52 +0100
commit: 6c575718abcd1ecb65c31706362145c9f9afa11c (patch)
tree: c5bcf0e885e7ac3b37be76a5f5a47490c34f2490 /retired/CVE-2021-47126
parent: 64a38df8b392033c012ab5b8b6bf22aa84f652f8 (diff)
1 files changed, 18 insertions, 0 deletions
diff --git a/retired/CVE-2021-47126 b/retired/CVE-2021-47126
new file mode 100644
index 00000000..7469aed5
--- /dev/null
+++ b/retired/CVE-2021-47126
@@ -0,0 +1,18 @@
+Description: ipv6: Fix KASAN: slab-out-of-bounds Read in fib6_nh_flush_exceptions
+References:
+Notes:
+ carnil> Introduced in f88d8ea67fbdb ("ipv6: Plumb support for nexthop object in a
+ carnil> fib6_info")
+ carnil> 706ec91916462 ("ipv6: Fix nexthop refcnt leak when creating ipv6 route info").
+ carnil> Vulnerable versions: 5.3-rc1 5.4.58 5.7.15 5.8.
+Bugs:
+upstream: released (5.13-rc5) [821bbf79fe46a8b1d18aa456e8ed0a3c208c3754]
+6.7-upstream-stable: N/A "Fixed before branching point"
+6.6-upstream-stable: N/A "Fixed before branching point"
+6.1-upstream-stable: N/A "Fixed before branching point"
+5.10-upstream-stable: released (5.10.43) [09870235827451409ff546b073d754a19fd17e2e]
+4.19-upstream-stable: N/A "Vulnerable code not present"
+sid: released (5.10.46-1)
+6.1-bookworm-security: N/A "Fixed before branching point"
+5.10-bullseye-security: N/A "Fixed before branching point"
+4.19-buster-security: N/A "Vulnerable code not present"
author	Salvatore Bonaccorso <carnil@debian.org>	2024-03-15 21:54:52 +0100
committer	Salvatore Bonaccorso <carnil@debian.org>	2024-03-15 21:54:52 +0100
commit	6c575718abcd1ecb65c31706362145c9f9afa11c (patch)
tree	c5bcf0e885e7ac3b37be76a5f5a47490c34f2490 /retired/CVE-2021-47126
parent	64a38df8b392033c012ab5b8b6bf22aa84f652f8 (diff)