Retire CVE-2022-3636

author: Salvatore Bonaccorso <carnil@debian.org> 2022-10-22 21:11:17 +0200
committer: Salvatore Bonaccorso <carnil@debian.org> 2022-10-22 21:11:17 +0200
commit: a7f3060809b0fadac62bb38497d5501b84c47ebd (patch)
tree: 3885e6b2cb14062cf4ef33ab604eafac9870a365 /retired/CVE-2022-3636
parent: a331ca85e00186e6a93e5d06443179ab3f2a87e9 (diff)
1 files changed, 14 insertions, 0 deletions
diff --git a/retired/CVE-2022-3636 b/retired/CVE-2022-3636
new file mode 100644
index 00000000..6051df04
--- /dev/null
+++ b/retired/CVE-2022-3636
@@ -0,0 +1,14 @@
+Description: net: ethernet: mtk_eth_soc: use after free in __mtk_ppe_check_skb()
+References:
+Notes:
+ carnil> Commit fixes 33fc42de3327 ("net: ethernet: mtk_eth_soc: support
+ carnil> creating mac address based offload entries") which is in 5.19-
+ carnil> rc1 as well. So the CVE seems not to be valid given no released
+ carnil> version was ever affected.
+Bugs:
+upstream: released (5.19-rc1) [17a5f6a78dc7b8db385de346092d7d9f9dc24df6]
+5.10-upstream-stable: N/A "Vulnerable code not present"
+4.19-upstream-stable: N/A "Vulnerable code not present"
+sid: N/A "Vulnerable code not present"
+5.10-bullseye-security: N/A "Vulnerable code not present"
+4.19-buster-security: N/A "Vulnerable code not present"
author	Salvatore Bonaccorso <carnil@debian.org>	2022-10-22 21:11:17 +0200
committer	Salvatore Bonaccorso <carnil@debian.org>	2022-10-22 21:11:17 +0200
commit	a7f3060809b0fadac62bb38497d5501b84c47ebd (patch)
tree	3885e6b2cb14062cf4ef33ab604eafac9870a365 /retired/CVE-2022-3636
parent	a331ca85e00186e6a93e5d06443179ab3f2a87e9 (diff)