Add batch of CVEs from CNA

author: Salvatore Bonaccorso <carnil@debian.org> 2024-04-17 19:42:10 +0200
committer: Salvatore Bonaccorso <carnil@debian.org> 2024-04-17 19:42:10 +0200
commit: 340814e1a325812027f37a78f5052c8c470caa62 (patch)
tree: 7ef5ef0ab7ed2d3c56b2a1da4e9fb0373757586a /active/CVE-2024-26898
parent: 16ca5f383c524df1ff66a64d96eba1266dd6e1dc (diff)
1 files changed, 17 insertions, 0 deletions
diff --git a/active/CVE-2024-26898 b/active/CVE-2024-26898
new file mode 100644
index 00000000..c48192d4
--- /dev/null
+++ b/active/CVE-2024-26898
@@ -0,0 +1,17 @@
+Description: aoe: fix the potential use-after-free problem in aoecmd_cfg_pkts
+References:
+Notes:
+ carnil> Introduced in 7562f876cd93 ("[NET]: Rework dev_base via list_head (v3)").
+ carnil> Vulnerable versions: 2.6.22-rc1.
+Bugs:
+upstream: released (6.9-rc1) [f98364e926626c678fb4b9004b75cacf92ff0662]
+6.8-upstream-stable: released (6.8.2) [a16fbb80064634b254520a46395e36b87ca4731e]
+6.7-upstream-stable: released (6.7.11) [079cba4f4e307c69878226fdf5228c20aa1c969c]
+6.6-upstream-stable: released (6.6.23) [eb48680b0255a9e8a9bdc93d6a55b11c31262e62]
+6.1-upstream-stable: released (6.1.83) [74ca3ef68d2f449bc848c0a814cefc487bf755fa]
+5.10-upstream-stable: released (5.10.214) [faf0b4c5e00bb680e8e43ac936df24d3f48c8e65]
+4.19-upstream-stable: released (4.19.311) [ad80c34944d7175fa1f5c7a55066020002921a99]
+sid: needed
+6.1-bookworm-security: released (6.1.85-1)
+5.10-bullseye-security: needed
+4.19-buster-security: needed
author	Salvatore Bonaccorso <carnil@debian.org>	2024-04-17 19:42:10 +0200
committer	Salvatore Bonaccorso <carnil@debian.org>	2024-04-17 19:42:10 +0200
commit	340814e1a325812027f37a78f5052c8c470caa62 (patch)
tree	7ef5ef0ab7ed2d3c56b2a1da4e9fb0373757586a /active/CVE-2024-26898
parent	16ca5f383c524df1ff66a64d96eba1266dd6e1dc (diff)