diff options
author | Salvatore Bonaccorso <carnil@debian.org> | 2023-04-25 11:49:44 +0200 |
---|---|---|
committer | Salvatore Bonaccorso <carnil@debian.org> | 2023-04-25 11:49:44 +0200 |
commit | 17626e995b5f4c3c4daea487595b8da8e09faf46 (patch) | |
tree | e4194ae5668b9726129441637d68a0678f526d46 /retired/CVE-2023-2006 | |
parent | bceafb38b33da577379539acef3ba47c74f26613 (diff) |
Retire two CVEs
Diffstat (limited to 'retired/CVE-2023-2006')
-rw-r--r-- | retired/CVE-2023-2006 | 15 |
1 files changed, 15 insertions, 0 deletions
diff --git a/retired/CVE-2023-2006 b/retired/CVE-2023-2006 new file mode 100644 index 00000000..a15c463c --- /dev/null +++ b/retired/CVE-2023-2006 @@ -0,0 +1,15 @@ +Description: rxrpc: Fix race between conn bundle lookup and bundle removal [ZDI-CAN-15975] +References: + https://bugzilla.redhat.com/show_bug.cgi?id=2189112 + https://www.zerodayinitiative.com/advisories/ZDI-23-439/ +Notes: + carnil> Commit fixes 245500d853e9 ("rxrpc: Rewrite the client + carnil> connection manager") 5.10-rc1. +Bugs: +upstream: released (6.1-rc7) [3bcd6c7eaa53b56c3f584da46a1f7652e759d0e5] +6.1-upstream-stable: N/A "Fixed before branching point" +5.10-upstream-stable: released (5.10.157) [3535c632e6d16c98f76e615da8dc0cb2750c66cc] +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (6.0.12-1) +5.10-bullseye-security: released (5.10.158-1) +4.19-buster-security: N/A "Vulnerable code not present" |