Retire some CVEs

author: Salvatore Bonaccorso <carnil@debian.org> 2024-04-13 21:16:26 +0200
committer: Salvatore Bonaccorso <carnil@debian.org> 2024-04-13 21:16:26 +0200
commit: 774dc7e59bd9c7d8b94fa34897c4365824845ea6 (patch)
tree: a3aaad072a6dccb98740058628174f4b6bbc6d8b /retired/CVE-2024-26676
parent: a017799330d4e5d96e5c64ccfba008a85ef29f8c (diff)
1 files changed, 16 insertions, 0 deletions
diff --git a/retired/CVE-2024-26676 b/retired/CVE-2024-26676
new file mode 100644
index 00000000..bcc8189f
--- /dev/null
+++ b/retired/CVE-2024-26676
@@ -0,0 +1,16 @@
+Description: af_unix: Call kfree_skb() for dead unix_(sk)->oob_skb in GC.
+References:
+Notes:
+ carnil> Introduced in 2aab4b969002 ("af_unix: fix struct pid leaks in OOB support").
+ carnil> Vulnerable versions: 5.15.103 6.1.20 6.2.7 6.3-rc2.
+Bugs:
+upstream: released (6.8-rc4) [1279f9d9dec2d7462823a18c29ad61359e0a007d]
+6.7-upstream-stable: released (6.7.5) [82ae47c5c3a6b27fdc0f9e83c1499cb439c56140]
+6.6-upstream-stable: released (6.6.17) [b74aa9ce13d02b7fd37c5325b99854f91b9b4276]
+6.1-upstream-stable: released (6.1.78) [e0e09186d8821ad59806115d347ea32efa43ca4b]
+5.10-upstream-stable: N/A "Vulnerable code not present"
+4.19-upstream-stable: N/A "Vulnerable code not present"
+sid: released (6.7.7-1)
+6.1-bookworm-security: released (6.1.82-1)
+5.10-bullseye-security: N/A "Vulnerable code not present"
+4.19-buster-security: N/A "Vulnerable code not present"
author	Salvatore Bonaccorso <carnil@debian.org>	2024-04-13 21:16:26 +0200
committer	Salvatore Bonaccorso <carnil@debian.org>	2024-04-13 21:16:26 +0200
commit	774dc7e59bd9c7d8b94fa34897c4365824845ea6 (patch)
tree	a3aaad072a6dccb98740058628174f4b6bbc6d8b /retired/CVE-2024-26676
parent	a017799330d4e5d96e5c64ccfba008a85ef29f8c (diff)