diff options
| author | Moritz Muehlenhoff <jmm@debian.org> | 2022-12-14 17:15:47 +0100 |
|---|---|---|
| committer | Moritz Muehlenhoff <jmm@debian.org> | 2022-12-14 17:15:47 +0100 |
| commit | 076e33b11cfc62c1c654defb017643e6507b8a02 (patch) | |
| tree | 5799054f18e4f9c25d9a68906a0243a15dfd636b /retired/CVE-2022-3176 | |
| parent | 22bdf8e6c8ade20718e77f8a7361482a4072d612 (diff) | |
retire issues
Diffstat (limited to 'retired/CVE-2022-3176')
| -rw-r--r-- | retired/CVE-2022-3176 | 16 |
1 files changed, 16 insertions, 0 deletions
diff --git a/retired/CVE-2022-3176 b/retired/CVE-2022-3176 new file mode 100644 index 00000000..d78f433f --- /dev/null +++ b/retired/CVE-2022-3176 @@ -0,0 +1,16 @@ +Description: io_uring: disable polling pollfree files +References: +Notes: + carnil> Introduced by 221c5eb233823 ("io_uring: add support for + carnil> IORING_OP_POLL") 5.1-rc1. + carnil> We need to investigate how this was fixed in mainline through + carnil> refactorings likely? + carnil> Consider it as fixed with 791f3465c4af ("io_uring: fix UAF due + carnil> to missing POLLFREE handling") in 5.17-rc1. +Bugs: +upstream: released (5.17-rc1) [791f3465c4afde02d7f16cf7424ca87070b69396] +5.10-upstream-stable: released (5.10.141) [28d8d2737e82fc29ff9e788597661abecc7f7994] +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (5.17.3-1) +5.10-bullseye-security: released (5.10.148-1) +4.19-buster-security: N/A "Vulnerable code not present" |