diff options
author | Ben Hutchings <ben@decadent.org.uk> | 2023-05-02 17:56:32 +0200 |
---|---|---|
committer | Ben Hutchings <ben@decadent.org.uk> | 2023-05-02 17:56:32 +0200 |
commit | 5b909cfb43487fe7697c63635fcf66781ec68041 (patch) | |
tree | 3bf21959a8d59aff1a04191d8c1e02a5c36efc4f /retired/CVE-2023-0461 | |
parent | bd79e1240c4d5dedfe164c0f564d2514a9d6f765 (diff) |
Retire inactive issues
Diffstat (limited to 'retired/CVE-2023-0461')
-rw-r--r-- | retired/CVE-2023-0461 | 17 |
1 files changed, 17 insertions, 0 deletions
diff --git a/retired/CVE-2023-0461 b/retired/CVE-2023-0461 new file mode 100644 index 00000000..30550f71 --- /dev/null +++ b/retired/CVE-2023-0461 @@ -0,0 +1,17 @@ +Description: net/ulp: prevent ULP without clone op from entering the LISTEN status +References: + https://ubuntu.com/security/CVE-2023-0461 + https://kernel.dance/#2c02d41d71f90a5168391b6a5f2954112ba2307c +Notes: + carnil> To reach the vulnerability it is said that the kernel needs to + carnil> be configured with CONFIG_TLS or CONFIG_XFRM_ESPINTCP. While + carnil> code present the issue should not be exploitable for privilege + carnil> escalation in bullseye and earlier. +Bugs: +upstream: released (6.2-rc3) [2c02d41d71f90a5168391b6a5f2954112ba2307c] +6.1-upstream-stable: released (6.1.5) [7d242f4a0c8319821548c7176c09a6e0e71f223c] +5.10-upstream-stable: released (5.10.163) [f8ed0a93b5d576bbaf01639ad816473bdfd1dcb0] +4.19-upstream-stable: released (4.19.270) [755193f2523ce5157c2f844a4b6d16b95593f830] +sid: released (6.1.7-1) +5.10-bullseye-security: released (5.10.178-1) +4.19-buster-security: released (4.19.282-1) |