retired/CVE-2023-3776


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15

Description: net/sched: cls_fw: Fix improper refcount update leads to use-after-free
References:
 https://github.com/google/security-research/pull/49
 https://github.com/google/security-research/pull/50
Notes:
 carnil> For 6.4.y fixed in 6.4.5.
Bugs:
upstream: released (6.5-rc2) [0323bce598eea038714f941ce2b22541c46d488f]
6.1-upstream-stable: released (6.1.40) [c91fb29bb07ee4dd40aabd1e41f19c0f92ac3199]
5.10-upstream-stable: released (5.10.188) [80e0e8d5f54397c5048fa2274144134dd9dc91b5]
4.19-upstream-stable: released (4.19.291) [612f468cfc3df83777ae21058419b1fc8e9037eb]
sid: released (6.4.4-2) [bugfix/all/net-sched-cls_fw-Fix-improper-refcount-update-leads-.patch]
6.1-bookworm-security: released (6.1.52-1)
5.10-bullseye-security: released (5.10.191-1)
4.19-buster-security: released (4.19.304-1)