retire issues

author: Moritz Muehlenhoff <jmm@debian.org> 2022-12-14 17:35:58 +0100
committer: Moritz Muehlenhoff <jmm@debian.org> 2022-12-14 17:36:55 +0100
commit: 29ac819f5b60be3e16162ed2dc885871d3410831 (patch)
tree: fd25af934ad92a950ee50fe981f75313f87f1786 /retired/CVE-2022-41674
parent: 3aea2273f77b6a31c2b5c107cbc54260568c3cc9 (diff)
1 files changed, 16 insertions, 0 deletions
diff --git a/retired/CVE-2022-41674 b/retired/CVE-2022-41674
new file mode 100644
index 00000000..580dc644
--- /dev/null
+++ b/retired/CVE-2022-41674
@@ -0,0 +1,16 @@
+Description: fix u8 overflow in cfg80211_update_notlisted_nontrans
+References:
+ https://www.openwall.com/lists/oss-security/2022/10/13/2
+ https://lore.kernel.org/netdev/20221013100522.46346-1-johannes@sipsolutions.net/T/#u
+ https://github.com/PurpleVsGreen/beacown
+Notes:
+ carnil> Commit fixes 0b8fb8235be8 ("cfg80211: Parsing of Multiple BSSID
+ carnil> information in scanning") in 5.1-rc1.
+ carnil> Fixed as well in 5.19.16 and 6.0.2.
+Bugs:
+upstream: released (6.1-rc1) [aebe9f4639b13a1f4e9a6b42cdd2e38c617b442d]
+5.10-upstream-stable: released (5.10.148) [a6408e0b694c1bdd8ae7dd0464a86b98518145ec]
+4.19-upstream-stable: N/A "Vulnerable code not present"
+sid: released (6.0.2-1)
+5.10-bullseye-security: released (5.10.148-1)
+4.19-buster-security: N/A "Vulnerable code not present"
author	Moritz Muehlenhoff <jmm@debian.org>	2022-12-14 17:35:58 +0100
committer	Moritz Muehlenhoff <jmm@debian.org>	2022-12-14 17:36:55 +0100
commit	29ac819f5b60be3e16162ed2dc885871d3410831 (patch)
tree	fd25af934ad92a950ee50fe981f75313f87f1786 /retired/CVE-2022-41674
parent	3aea2273f77b6a31c2b5c107cbc54260568c3cc9 (diff)