diff options
author | Ben Hutchings <ben@decadent.org.uk> | 2022-05-01 18:50:10 +0200 |
---|---|---|
committer | Ben Hutchings <ben@decadent.org.uk> | 2022-05-01 18:50:10 +0200 |
commit | 0e9daff74509a56670934301fd472f6bab28e09f (patch) | |
tree | 5ead74d039b6e704b053be31510183b5aa1386fa /retired/CVE-2022-0168 | |
parent | f5510d9d41961353aa461c7f24ae373525b74c7b (diff) |
Retire several issues
Diffstat (limited to 'retired/CVE-2022-0168')
-rw-r--r-- | retired/CVE-2022-0168 | 21 |
1 files changed, 21 insertions, 0 deletions
diff --git a/retired/CVE-2022-0168 b/retired/CVE-2022-0168 new file mode 100644 index 00000000..3c3c723b --- /dev/null +++ b/retired/CVE-2022-0168 @@ -0,0 +1,21 @@ +Description: cifs: fix NULL ptr dereference in smb2_ioctl_query_info() +References: + https://bugzilla.redhat.com/show_bug.cgi?id=2037386 + https://starlabs.sg/advisories/22-0168/ +Notes: + carnil> For 5.16.y fixed in 5.19.16 and for 5.17.y fixed in 5.17.2. + bwh> This fixes commit ccd48ec3d4a6 "smb2: fix use-after-free in + bwh> smb2_ioctl_query_info()" which was applied in 5.13-rc1 and 5.10.36. + bwh> That in turn fixed commit b2ca6c2c9edd "cifs: move some variables + bwh> off the stack in smb2_ioctl_query_info" which was applied in + bwh> 5.8-rc1. (The potential memory leaks probably exist in older + bwh> versions but are a separate and probably less serious issue.) +Bugs: +upstream: released (v5.18-rc1) [d6f5e358452479fa8a773b5c6ccc9e4ec5a20880] +5.10-upstream-stable: released (5.10.110) [edefc4b2a8e8310eee8e2b1714709ad5b2a93928] +4.19-upstream-stable: N/A "Vulnerable code not present" +4.9-upstream-stable: N/A "Vulnerable code not present" +sid: released (5.17.3-1) +5.10-bullseye-security: released (5.10.113-1) +4.19-buster-security: N/A "Vulnerable code not present" +4.9-stretch-security: N/A "Vulnerable code not present" |