retired/CVE-2024-26638


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16

Description: nbd: always initialize struct msghdr completely
References:
Notes:
 carnil> Introduced in f94fd25cb0aa ("tcp: pass back data left in socket after
 carnil> receive"). Vulnerable versions: 5.19-rc1.
Bugs:
upstream: released (6.8-rc1) [78fbb92af27d0982634116c7a31065f24d092826]
6.7-upstream-stable: released (6.7.3) [b0028f333420a65a53a63978522db680b37379dd]
6.6-upstream-stable: released (6.6.15) [1960f2b534da1e6c65fb96f9e98bda773495f406]
6.1-upstream-stable: released (6.1.76) [d9c54763e5cdbbd3f81868597fe8aca3c96e6387]
5.10-upstream-stable: N/A "Vulnerable code not present"
4.19-upstream-stable: N/A "Vulnerable code not present"
sid: released (6.6.15-1)
6.1-bookworm-security: released (6.1.76-1)
5.10-bullseye-security: N/A "Vulnerable code not present"
4.19-buster-security: N/A "Vulnerable code not present"