Retire inactive issues

author: Ben Hutchings <ben@decadent.org.uk> 2024-01-09 01:23:56 +0100
committer: Ben Hutchings <ben@decadent.org.uk> 2024-01-09 01:23:56 +0100
commit: 26d3effdb521546119e479bf43fb4630a3156675 (patch)
tree: 43d4bebfdaa0fff19349832f4c5083ecfc1b453d /retired/CVE-2023-3212
parent: 4c52cadb6f91fc32612f39a2181515f9abf50b98 (diff)
1 files changed, 16 insertions, 0 deletions
diff --git a/retired/CVE-2023-3212 b/retired/CVE-2023-3212
new file mode 100644
index 00000000..60381624
--- /dev/null
+++ b/retired/CVE-2023-3212
@@ -0,0 +1,16 @@
+Description: gfs2: Don't deref jdesc in evict
+References:
+ https://bugzilla.redhat.com/show_bug.cgi?id=2214348
+Notes:
+ bwh> This affects 4.19 and it's actually worse - a UAF rather than NPE.
+ bwh> It needs at least part of commit 601ef0d52e96 "gfs2: Force
+ bwh> withdraw to replay journals and wait for it to finish" as well.
+Bugs:
+upstream: released (6.4-rc2) [504a10d9e46bc37b23d0a1ae2f28973c8516e636]
+6.1-upstream-stable: released (6.1.33) [5ae4a618a1558d2b536fdd5d42e53d3e2d73870c]
+5.10-upstream-stable: released (5.10.183) [d03d31d3a206093b9b8759dddf0ba9bd843606ba]
+4.19-upstream-stable: released (4.19.291) [d3af9cea9a1ce56f427e41e5ffcdafe9280f099f]
+sid: released (6.3.7-1)
+6.1-bookworm-security: released (6.1.37-1)
+5.10-bullseye-security: released (5.10.191-1)
+4.19-buster-security: released (4.19.304-1)
author	Ben Hutchings <ben@decadent.org.uk>	2024-01-09 01:23:56 +0100
committer	Ben Hutchings <ben@decadent.org.uk>	2024-01-09 01:23:56 +0100
commit	26d3effdb521546119e479bf43fb4630a3156675 (patch)
tree	43d4bebfdaa0fff19349832f4c5083ecfc1b453d /retired/CVE-2023-3212
parent	4c52cadb6f91fc32612f39a2181515f9abf50b98 (diff)