Reitre some CVEs

author: Salvatore Bonaccorso <carnil@debian.org> 2023-04-29 09:41:48 +0200
committer: Salvatore Bonaccorso <carnil@debian.org> 2023-04-29 09:41:48 +0200
commit: 2e6e3b6769f6dd5acd5773c65e78279a58354c10 (patch)
tree: b54c57ccd894b1f5687daf4dc018f90c64d2a59f /retired/CVE-2022-4379
parent: 238fb69dc8a7c4eab24d23f6e23eaafc7e0af659 (diff)
1 files changed, 13 insertions, 0 deletions
diff --git a/retired/CVE-2022-4379 b/retired/CVE-2022-4379
new file mode 100644
index 00000000..f5e47c26
--- /dev/null
+++ b/retired/CVE-2022-4379
@@ -0,0 +1,13 @@
+Description: NFSD: fix use-after-free in __nfs42_ssc_open()
+References:
+ https://www.openwall.com/lists/oss-security/2022/12/14/3
+ https://lore.kernel.org/all/1670885411-10060-1-git-send-email-dai.ngo@oracle.com/
+Notes:
+ carnil> Fixed in 6.1.3 as well for 6.1.y.
+Bugs:
+upstream: released (6.2-rc1) [75333d48f92256a0dec91dbf07835e804fc411c0]
+5.10-upstream-stable: released (5.10.177) [01e4c9c03de8a9f8839cb7342bc4bccf9104efe5]
+4.19-upstream-stable: N/A "Vulnerable code introduced later"
+sid: released (6.1.4-1)
+5.10-bullseye-security: released (5.10.178-1)
+4.19-buster-security: N/A "Vulnerable code introduced later"
author	Salvatore Bonaccorso <carnil@debian.org>	2023-04-29 09:41:48 +0200
committer	Salvatore Bonaccorso <carnil@debian.org>	2023-04-29 09:41:48 +0200
commit	2e6e3b6769f6dd5acd5773c65e78279a58354c10 (patch)
tree	b54c57ccd894b1f5687daf4dc018f90c64d2a59f /retired/CVE-2022-4379
parent	238fb69dc8a7c4eab24d23f6e23eaafc7e0af659 (diff)