Retire some CVEs

author: Salvatore Bonaccorso <carnil@debian.org> 2023-10-06 23:36:39 +0200
committer: Salvatore Bonaccorso <carnil@debian.org> 2023-10-06 23:36:39 +0200
commit: 2c98af84378df5050ee99f6b2e0fb4464804fc6d (patch)
tree: ceff79e15949bb272d8dd4bf9e555cd71bdaf26f /retired/CVE-2023-42752
parent: 5cf97a652e3144bfa2c5479d619bc21469b7ac45 (diff)
1 files changed, 15 insertions, 0 deletions
diff --git a/retired/CVE-2023-42752 b/retired/CVE-2023-42752
new file mode 100644
index 00000000..42ade086
--- /dev/null
+++ b/retired/CVE-2023-42752
@@ -0,0 +1,15 @@
+Description: integer overflows in kmalloc_reserve()
+References:
+ https://www.openwall.com/lists/oss-security/2023/09/18/3
+Notes:
+ carnil> Introduced with 12d6c1d3a2ad ("skbuff: Proactively round up to
+ carnil> kmalloc bucket size") in 6.2-rc1 (and backported to 6.1.31)
+Bugs:
+upstream: released (6.6-rc1) [915d975b2ffa58a14bfcf16fafe00c41315949ff, c3b704d4a4a265660e665df51b129e8425216ed1]
+6.1-upstream-stable: released (6.1.53) [6678912b4df1bfac6f7c80642d56dc22e23419e4], released (6.1.54) [31cf7853a940181593e4472fc56f46574123f9f6]
+5.10-upstream-stable: N/A "Vulnerable code not present"
+4.19-upstream-stable: N/A "Vulnerable code not present"
+sid: released (6.5.3-1)
+6.1-bookworm-security: released (6.1.55-1)
+5.10-bullseye-security: N/A "Vulnerable code not present"
+4.19-buster-security: N/A "Vulnerable code not present"
author	Salvatore Bonaccorso <carnil@debian.org>	2023-10-06 23:36:39 +0200
committer	Salvatore Bonaccorso <carnil@debian.org>	2023-10-06 23:36:39 +0200
commit	2c98af84378df5050ee99f6b2e0fb4464804fc6d (patch)
tree	ceff79e15949bb272d8dd4bf9e555cd71bdaf26f /retired/CVE-2023-42752
parent	5cf97a652e3144bfa2c5479d619bc21469b7ac45 (diff)