blob: cee602511a1e02c7d636f3efddf64e393c44b575 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
|
Description: out-of-bound Read in qrtr_endpoint_post in net/qrtr/qrtr.c
References:
https://bugzilla.redhat.com/show_bug.cgi?id=1997961
https://lists.openwall.net/netdev/2021/08/17/124
Notes:
bwh> Introduced in 4.15 by 194ccc88297a "net: qrtr: Support decoding
bwh> incoming v2 packets"
Bugs:
upstream: released (5.14) [7e78c597c3ebfd0cb329aa09a838734147e4f117]
5.10-upstream-stable: released (5.10.62) [ad41706c771a038e9a334fa55216abd69b32bfdf]
4.19-upstream-stable: released (4.19.206) [ce7d8be2eaa4cab3032e256d154d1c33843d2367]
4.9-upstream-stable: N/A "Vulnerability introduced later"
sid: released (5.14.6-1)
5.10-bullseye-security: released (5.10.46-5) [bugfix/all/net-qrtr-fix-another-OOB-Read-in-qrtr_endpoint_post.patch]
4.19-buster-security: needed
4.9-stretch-security: N/A "Vulnerability introduced later"
|