Retire CVE-2019-18198

author: Salvatore Bonaccorso <carnil@debian.org> 2019-10-19 09:02:57 +0200
committer: Salvatore Bonaccorso <carnil@debian.org> 2019-10-19 09:02:57 +0200
commit: c0c52136c214ab5fc8a72eee34802531d2f2646b (patch)
tree: 736b2463dbbafd1570bfa1de7575d9214eab5460 /retired/CVE-2019-18198
parent: 0d26f4e7c605c0e1f7541cf54a95c2f5f345dde9 (diff)
1 files changed, 17 insertions, 0 deletions
diff --git a/retired/CVE-2019-18198 b/retired/CVE-2019-18198
new file mode 100644
index 00000000..c5e9adbe
--- /dev/null
+++ b/retired/CVE-2019-18198
@@ -0,0 +1,17 @@
+Description: ipv6: do not free rt if FIB_LOOKUP_NOREF is set on suppress rule
+References:
+ https://launchpad.net/bugs/1847478
+Notes:
+ carnil> Fixes 7d9e5f422150 ("ipv6: convert major tx path to use
+ carnil> RT6_LOOKUP_F_DST_NOREF") which was only introduced in 5.3-rc1
+ carnil> and not backported to other branches. Intrestingly though the
+ carnil> commit was still applied/backported as well in/to 5.2.19.
+Bugs:
+upstream: released (5.4-rc1) [ca7a03c4175366a92cee0ccc4fec0038c3266e26]
+4.19-upstream-stable: N/A "Vulnerable code introduced later"
+4.9-upstream-stable: N/A "Vulnerable code introduced later"
+3.16-upstream-stable: N/A "Vulnerable code introduced later"
+sid: N/A "Vulnerable code introduced later"
+4.19-buster-security: N/A "Vulnerable code introduced later"
+4.9-stretch-security: N/A "Vulnerable code introduced later"
+3.16-jessie-security: N/A "Vulnerable code introduced later"
author	Salvatore Bonaccorso <carnil@debian.org>	2019-10-19 09:02:57 +0200
committer	Salvatore Bonaccorso <carnil@debian.org>	2019-10-19 09:02:57 +0200
commit	c0c52136c214ab5fc8a72eee34802531d2f2646b (patch)
tree	736b2463dbbafd1570bfa1de7575d9214eab5460 /retired/CVE-2019-18198
parent	0d26f4e7c605c0e1f7541cf54a95c2f5f345dde9 (diff)