From 7a966e268725b21b4068b019725e4c32720aed21 Mon Sep 17 00:00:00 2001
From: Salvatore Bonaccorso <carnil@debian.org>
Date: Tue, 11 Jan 2022 07:39:51 +0100
Subject: Add CVE-2021-4203

---
 active/CVE-2021-4203 | 17 +++++++++++++++++
 1 file changed, 17 insertions(+)
 create mode 100644 active/CVE-2021-4203

diff --git a/active/CVE-2021-4203 b/active/CVE-2021-4203
new file mode 100644
index 00000000..123a730d
--- /dev/null
+++ b/active/CVE-2021-4203
@@ -0,0 +1,17 @@
+Description: af_unix: fix races in sk_peer_pid and sk_peer_cred accesses
+References:
+ https://bugzilla.redhat.com/show_bug.cgi?id=2036934
+ https://lore.kernel.org/netdev/20210929225750.2548112-1-eric.dumazet@gmail.com/T/
+ https://bugs.chromium.org/p/project-zero/issues/detail?id=2230
+Notes:
+ carnil> Commit fixes 109f6e39fa07 ("af_unix: Allow SO_PEERCRED to work
+ carnil> across namespaces.").
+Bugs:
+upstream: released (5.15-rc4) [35306eb23814444bd4021f8a1c3047d3cb0c8b2b]
+5.10-upstream-stable: released (5.10.71) [3db53827a0e9130d9e2cbe3c3b5bca601caa4c74]
+4.19-upstream-stable: released (4.19.209) [0512a9aede6e4417c4fa6e0042a7ca8bc7e06b86]
+4.9-upstream-stable: released (4.9.286) [09818f629bafbe20e24bac919019853ea3ac5ca4]
+sid: released (5.14.12-1)
+5.10-bullseye-security: released (5.10.84-1)
+4.19-buster-security: needed
+4.9-stretch-security: released (4.9.290-1)
-- 
cgit v1.2.3