Retire some CVEs

author: Salvatore Bonaccorso <carnil@debian.org> 2023-09-18 22:12:26 +0200
committer: Salvatore Bonaccorso <carnil@debian.org> 2023-09-18 22:12:26 +0200
commit: b98f46981ffa8710b6e0bc56f82f6e28e2169d69 (patch)
tree: a93332e7467456f19e2085b8b2f5e175efea12e2 /retired/CVE-2023-3867
parent: b91ae5548fb0d0f253c63350e4de6b4b7669aabc (diff)
1 files changed, 14 insertions, 0 deletions
diff --git a/retired/CVE-2023-3867 b/retired/CVE-2023-3867
new file mode 100644
index 00000000..091e1d28
--- /dev/null
+++ b/retired/CVE-2023-3867
@@ -0,0 +1,14 @@
+Description: ksmbd: add missing compound request handing in some commands
+References:
+ https://www.zerodayinitiative.com/advisories/ZDI-23-981/
+ https://lore.kernel.org/all/20230624040141.16088-1-linkinjeon@kernel.org/
+Notes:
+Bugs:
+upstream: released (6.5-rc1) [7b7d709ef7cf285309157fb94c33f625dd22c5e1]
+6.1-upstream-stable: released (6.1.40) [869ef4f2965bbb91157dad220133f76c16faba9b]
+5.10-upstream-stable: N/A "Vulnerable code not present"
+4.19-upstream-stable: N/A "Vulnerable code not present"
+sid: released (6.4.11-1)
+6.1-bookworm-security: released (6.1.52-1)
+5.10-bullseye-security: N/A "Vulnerable code not present"
+4.19-buster-security: N/A "Vulnerable code not present"
author	Salvatore Bonaccorso <carnil@debian.org>	2023-09-18 22:12:26 +0200
committer	Salvatore Bonaccorso <carnil@debian.org>	2023-09-18 22:12:26 +0200
commit	b98f46981ffa8710b6e0bc56f82f6e28e2169d69 (patch)
tree	a93332e7467456f19e2085b8b2f5e175efea12e2 /retired/CVE-2023-3867
parent	b91ae5548fb0d0f253c63350e4de6b4b7669aabc (diff)