From 48a64abf7be2e19f3a352cee4836a83a6b258a59 Mon Sep 17 00:00:00 2001
From: Salvatore Bonaccorso <carnil@debian.org>
Date: Wed, 12 Jan 2022 09:29:55 +0100
Subject: Add CVE-2021-46283

---
 active/CVE-2021-46283 | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)
 create mode 100644 active/CVE-2021-46283

diff --git a/active/CVE-2021-46283 b/active/CVE-2021-46283
new file mode 100644
index 00000000..15525565
--- /dev/null
+++ b/active/CVE-2021-46283
@@ -0,0 +1,16 @@
+Description: netfilter: nf_tables: initialize set before expression setup
+References:
+ https://bugzilla.suse.com/show_bug.cgi?id=1194518
+ https://syzkaller.appspot.com/bug?id=22c3987f75a7b90e238a26b5a5920525c2d1f345
+Notes:
+ carnil> Commit fixes 65038428b2c6 ("netfilter: nf_tables: allow to
+ carnil> specify stateful expression in set definition") in 5.7-rc1.
+Bugs:
+upstream: released (5.13-rc7) [ad9f151e560b016b6ad3280b48e42fa11e1a5440]
+5.10-upstream-stable: released (5.10.64) [36983fc2f87ea3b74a33bf460c9ee7329735b7b5]
+4.19-upstream-stable: N/A "Vulnerable code not present"
+4.9-upstream-stable: N/A "Vulnerable code not present"
+sid: released (5.14.6-1)
+5.10-bullseye-security: released (5.10.70-1)
+4.19-buster-security: N/A "Vulnerable code not present"
+4.9-stretch-security: N/A "Vulnerable code not present"
-- 
cgit v1.2.3