From f521401f3afb5a0cf409e3c9627d0df185067b91 Mon Sep 17 00:00:00 2001
From: Salvatore Bonaccorso <carnil@debian.org>
Date: Thu, 28 Oct 2021 10:18:45 +0200
Subject: Add CVE-2021-43057

---
 active/CVE-2021-43057 | 15 +++++++++++++++
 1 file changed, 15 insertions(+)
 create mode 100644 active/CVE-2021-43057

(limited to 'active/CVE-2021-43057')

diff --git a/active/CVE-2021-43057 b/active/CVE-2021-43057
new file mode 100644
index 00000000..b6c932a5
--- /dev/null
+++ b/active/CVE-2021-43057
@@ -0,0 +1,15 @@
+Description: selinux,smack: fix subjective/objective credential use mixups
+References:
+ https://bugs.chromium.org/p/project-zero/issues/detail?id=2229
+Notes:
+ carnil> Introduced with eb1231f73c4d ("selinux: clarify task subjective
+ carnil> and objective credentials") in 5.13-rc1.
+Bugs:
+upstream: released (5.15-rc3)
+5.10-upstream-stable: N/A "Vulnerable code introduced later"
+4.19-upstream-stable: N/A "Vulnerable code introduced later"
+4.9-upstream-stable: N/A "Vulnerable code introduced later"
+sid: released (5.14.9-1)
+5.10-bullseye-security: N/A "Vulnerable code introduced later"
+4.19-buster-security: N/A "Vulnerable code introduced later"
+4.9-stretch-security: N/A "Vulnerable code introduced later"
-- 
cgit v1.2.3