Retire several CVEs

author: Salvatore Bonaccorso <carnil@debian.org> 2024-02-28 07:42:23 +0100
committer: Salvatore Bonaccorso <carnil@debian.org> 2024-02-28 07:42:23 +0100
commit: b548dd7921f0546d3b690664603154a033db4619 (patch)
tree: 502bb7b112ff9270bcb9ca58718521d28ff53a21 /retired/CVE-2021-46955
parent: 2c3627cb43e5f6cfc12ab3a585708270aa17054c (diff)
1 files changed, 17 insertions, 0 deletions
diff --git a/retired/CVE-2021-46955 b/retired/CVE-2021-46955
new file mode 100644
index 00000000..4ab2a104
--- /dev/null
+++ b/retired/CVE-2021-46955
@@ -0,0 +1,17 @@
+Description: openvswitch: fix stack OOB read while fragmenting IPv4 packets
+References:
+Notes:
+ carnil> Introduced in d52e5a7e7ca4 ("ipv4: lock mtu in fnhe when received PMTU <
+ carnil> net.ipv4.route.min_pmt"). Vulnerable versions: 3.16.57 4.4.134 4.9.104 4.14.45
+ carnil> 4.16-rc7.
+Bugs:
+upstream: released (5.13-rc1) [7c0ea5930c1c211931819d83cfb157bff1539a4c]
+6.7-upstream-stable: N/A "Fixed before branching point"
+6.6-upstream-stable: N/A "Fixed before branching point"
+6.1-upstream-stable: N/A "Fixed before branching point"
+5.10-upstream-stable: released (5.10.36) [a1478374b0bda89b4277a8afd39208271faad4be]
+4.19-upstream-stable: released (4.19.191) [df9e900de24637be41879e2c50afb713ec4e8b2e]
+sid: released (5.10.38-1)
+6.1-bookworm-security: N/A "Fixed before branching point"
+5.10-bullseye-security: N/A "Fixed before branching point"
+4.19-buster-security: released (4.19.194-1)
author	Salvatore Bonaccorso <carnil@debian.org>	2024-02-28 07:42:23 +0100
committer	Salvatore Bonaccorso <carnil@debian.org>	2024-02-28 07:42:23 +0100
commit	b548dd7921f0546d3b690664603154a033db4619 (patch)
tree	502bb7b112ff9270bcb9ca58718521d28ff53a21 /retired/CVE-2021-46955
parent	2c3627cb43e5f6cfc12ab3a585708270aa17054c (diff)