Retire two CVEs

author: Salvatore Bonaccorso <carnil@debian.org> 2023-03-07 14:59:51 +0100
committer: Salvatore Bonaccorso <carnil@debian.org> 2023-03-07 14:59:51 +0100
commit: 3e2a9db34ce22e44f2e3287123461d6a422ab7d1 (patch)
tree: 11234227eaf00e95dac4af4bc47835aa9e775ad3 /retired/CVE-2023-26607
parent: e3a6d9ea64d3a4cd94b83d5b844f9b89360b7ce4 (diff)
1 files changed, 13 insertions, 0 deletions
diff --git a/retired/CVE-2023-26607 b/retired/CVE-2023-26607
new file mode 100644
index 00000000..b4d42ccd
--- /dev/null
+++ b/retired/CVE-2023-26607
@@ -0,0 +1,13 @@
+Description: KASAN: slab-out-of-bounds Read in ntfs_attr_find
+References:
+ https://lkml.org/lkml/2023/2/21/1353
+Notes:
+ carnil> Upload for Debian disables NTFS_FS and marks it as BROKEN
+Bugs:
+upstream: released (6.1-rc1) [36a4d82dddbbd421d2b8e79e1cab68c8126d5075]
+6.1-upstream-stable: N/A "Fixed before branching point"
+5.10-upstream-stable: released (5.10.156) [6322dda483344abe47d17335809f7bbb730bd88b]
+4.19-upstream-stable: released (4.19.267) [4301aa833a734257ad3715f607cbde17402eda94]
+sid: released (4.19.37-1) [debian/ntfs-mark-it-as-broken.patch]
+5.10-bullseye-security: N/A "Fixed before branching point"
+4.19-buster-security: N/A "Fixed before branching point"
author	Salvatore Bonaccorso <carnil@debian.org>	2023-03-07 14:59:51 +0100
committer	Salvatore Bonaccorso <carnil@debian.org>	2023-03-07 14:59:51 +0100
commit	3e2a9db34ce22e44f2e3287123461d6a422ab7d1 (patch)
tree	11234227eaf00e95dac4af4bc47835aa9e775ad3 /retired/CVE-2023-26607
parent	e3a6d9ea64d3a4cd94b83d5b844f9b89360b7ce4 (diff)