Add new batch of CVEs assigned for Linux

author: Salvatore Bonaccorso <carnil@debian.org> 2024-04-03 21:33:11 +0200
committer: Salvatore Bonaccorso <carnil@debian.org> 2024-04-03 21:33:11 +0200
commit: e2b12639eebeadc5925bec1ffdecf7df5192aace (patch)
tree: c43a5a7f293006eced7e9c712f34efab9c774abb /active/CVE-2024-26704
parent: 03801e090c9fbe79615a6fe3fc2a075311f2bd8b (diff)
1 files changed, 16 insertions, 0 deletions
diff --git a/active/CVE-2024-26704 b/active/CVE-2024-26704
new file mode 100644
index 00000000..ba2e3363
--- /dev/null
+++ b/active/CVE-2024-26704
@@ -0,0 +1,16 @@
+Description: ext4: fix double-free of blocks due to wrong extents moved_len
+References:
+Notes:
+ carnil> Introduced in fcf6b1b729bc ("ext4: refactor ext4_move_extents code base").
+ carnil> Vulnerable versions: 3.18-rc2.
+Bugs:
+upstream: released (6.8-rc3) [55583e899a5357308274601364741a83e78d6ac4]
+6.7-upstream-stable: released (6.7.6) [559ddacb90da1d8786dd8ec4fd76bbfa404eaef6]
+6.6-upstream-stable: released (6.6.18) [2883940b19c38d5884c8626483811acf4d7e148f]
+6.1-upstream-stable: released (6.1.79) [185eab30486ba3e7bf8b9c2e049c79a06ffd2bc1]
+5.10-upstream-stable: released (5.10.210) [d033a555d9a1cf53dbf3301af7199cc4a4c8f537]
+4.19-upstream-stable: released (4.19.307) [b4fbb89d722cbb16beaaea234b7230faaaf68c71]
+sid: released (6.7.7-1)
+6.1-bookworm-security: needed
+5.10-bullseye-security: needed
+4.19-buster-security: needed
author	Salvatore Bonaccorso <carnil@debian.org>	2024-04-03 21:33:11 +0200
committer	Salvatore Bonaccorso <carnil@debian.org>	2024-04-03 21:33:11 +0200
commit	e2b12639eebeadc5925bec1ffdecf7df5192aace (patch)
tree	c43a5a7f293006eced7e9c712f34efab9c774abb /active/CVE-2024-26704
parent	03801e090c9fbe79615a6fe3fc2a075311f2bd8b (diff)