Retire some CVEs

author: Salvatore Bonaccorso <carnil@debian.org> 2024-03-15 21:54:52 +0100
committer: Salvatore Bonaccorso <carnil@debian.org> 2024-03-15 21:54:52 +0100
commit: 6c575718abcd1ecb65c31706362145c9f9afa11c (patch)
tree: c5bcf0e885e7ac3b37be76a5f5a47490c34f2490 /retired/CVE-2021-47123
parent: 64a38df8b392033c012ab5b8b6bf22aa84f652f8 (diff)
1 files changed, 16 insertions, 0 deletions
diff --git a/retired/CVE-2021-47123 b/retired/CVE-2021-47123
new file mode 100644
index 00000000..d1c163e4
--- /dev/null
+++ b/retired/CVE-2021-47123
@@ -0,0 +1,16 @@
+Description: io_uring: fix ltout double free on completion race
+References:
+Notes:
+ carnil> Introduced in 90cd7e424969d ("io_uring: track link timeout's master
+ carnil> explicitly"). Vulnerable versions: 5.11-rc1.
+Bugs:
+upstream: released (5.13-rc2) [447c19f3b5074409c794b350b10306e1da1ef4ba]
+6.7-upstream-stable: N/A "Fixed before branching point"
+6.6-upstream-stable: N/A "Fixed before branching point"
+6.1-upstream-stable: N/A "Fixed before branching point"
+5.10-upstream-stable: N/A "Vulnerable code not present"
+4.19-upstream-stable: N/A "Vulnerable code not present"
+sid: N/A "Vulnerable code not present"
+6.1-bookworm-security: N/A "Fixed before branching point"
+5.10-bullseye-security: N/A "Vulnerable code not present"
+4.19-buster-security: N/A "Vulnerable code not present"
author	Salvatore Bonaccorso <carnil@debian.org>	2024-03-15 21:54:52 +0100
committer	Salvatore Bonaccorso <carnil@debian.org>	2024-03-15 21:54:52 +0100
commit	6c575718abcd1ecb65c31706362145c9f9afa11c (patch)
tree	c5bcf0e885e7ac3b37be76a5f5a47490c34f2490 /retired/CVE-2021-47123
parent	64a38df8b392033c012ab5b8b6bf22aa84f652f8 (diff)