Retire some CVEs

author: Salvatore Bonaccorso <carnil@debian.org> 2023-01-23 21:18:34 +0100
committer: Salvatore Bonaccorso <carnil@debian.org> 2023-01-23 21:18:34 +0100
commit: 4efbbf7d55f1e6649864cfcbd309a766aaba5397 (patch)
tree: 4a49167e53f5b9f53c8ddb562b67d404056f724d /retired/CVE-2023-0179
parent: 07388283c0e08369070fd149c88e351623dd62ba (diff)
1 files changed, 16 insertions, 0 deletions
diff --git a/retired/CVE-2023-0179 b/retired/CVE-2023-0179
new file mode 100644
index 00000000..62ec3709
--- /dev/null
+++ b/retired/CVE-2023-0179
@@ -0,0 +1,16 @@
+Description: netfilter: nft_payload: incorrect arithmetics when fetching VLAN header bits
+References:
+ https://www.openwall.com/lists/oss-security/2023/01/13/2
+ https://www.openwall.com/lists/oss-security/2023/01/13/4
+ https://groups.google.com/g/syzkaller/c/YRNDJBsJn_s?pli=1
+ https://patchwork.ozlabs.org/project/netfilter-devel/patch/20230111212251.193032-4-pablo@netfilter.org/
+ https://git.kernel.org/pub/scm/linux/kernel/git/netfilter/nf.git/commit/?id=696e1a48b1a1b01edad542a1ef293665864a4dd0
+Notes:
+ carnil> Fixed as well in 6.1.7 for 6.1.y.
+Bugs:
+upstream: released (6.2-rc5) [696e1a48b1a1b01edad542a1ef293665864a4dd0]
+5.10-upstream-stable: released (5.10.164) [550efeff989b041f3746118c0ddd863c39ddc1aa]
+4.19-upstream-stable: N/A "Vulnerable code not present"
+sid: released (6.1.7-1)
+5.10-bullseye-security: released (5.10.162-1) [bugfix/all/netfilter-nft_payload-incorrect-arithmetics-when-fet.patch]
+4.19-buster-security: N/A "Vulnerable code not present"
author	Salvatore Bonaccorso <carnil@debian.org>	2023-01-23 21:18:34 +0100
committer	Salvatore Bonaccorso <carnil@debian.org>	2023-01-23 21:18:34 +0100
commit	4efbbf7d55f1e6649864cfcbd309a766aaba5397 (patch)
tree	4a49167e53f5b9f53c8ddb562b67d404056f724d /retired/CVE-2023-0179
parent	07388283c0e08369070fd149c88e351623dd62ba (diff)