Retire two CVEs

author: Salvatore Bonaccorso <carnil@debian.org> 2023-05-08 22:30:01 +0200
committer: Salvatore Bonaccorso <carnil@debian.org> 2023-05-08 22:30:01 +0200
commit: 2cd289ed7c62a169a6c2efb3ca762ce85c0b78e5 (patch)
tree: b4440a50dfeb14cb497fdd54714834102ff3a648 /retired/CVE-2023-26544
parent: b7f44e12165e459de33c56bf17b833a075231cee (diff)
1 files changed, 13 insertions, 0 deletions
diff --git a/retired/CVE-2023-26544 b/retired/CVE-2023-26544
new file mode 100644
index 00000000..1f3b35f6
--- /dev/null
+++ b/retired/CVE-2023-26544
@@ -0,0 +1,13 @@
+Description: KASAN: use-after-free Read in run_unpack
+References:
+ https://lkml.org/lkml/2023/2/20/128
+Notes:
+ carnil> NTFS3 driver not enabled in Debian.
+Bugs:
+upstream: released (6.2-rc1) [887bfc546097fbe8071dac13b2fef73b77920899]
+6.1-upstream-stable: released (6.1.3) [d34485d40b6a263d65bc476554299c42b2ec0187]
+5.10-upstream-stable: N/A "Vulnerable code not present"
+4.19-upstream-stable: N/A "Vulnerable code not present"
+sid: released (6.1.4-1)
+5.10-bullseye-security: N/A "Vulnerable code not present"
+4.19-buster-security: N/A "Vulnerable code not present"
author	Salvatore Bonaccorso <carnil@debian.org>	2023-05-08 22:30:01 +0200
committer	Salvatore Bonaccorso <carnil@debian.org>	2023-05-08 22:30:01 +0200
commit	2cd289ed7c62a169a6c2efb3ca762ce85c0b78e5 (patch)
tree	b4440a50dfeb14cb497fdd54714834102ff3a648 /retired/CVE-2023-26544
parent	b7f44e12165e459de33c56bf17b833a075231cee (diff)