[Git][security-tracker-team/security-tracker][master] Add fixed version for linux issues via unstable

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
5eaa7c9e by Salvatore Bonaccorso at 2023-12-22T13:32:11+01:00
Add fixed version for linux issues via unstable

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -606,11 +606,11 @@ CVE-2023-6945 (A vulnerability has been found in SourceCodester Online Student M
 CVE-2023-6944
 	NOT-FOR-US: Red Hat Developer Hub (RHDH)
 CVE-2023-6932 (A use-after-free vulnerability in the Linux kernel's ipv4: igmp compon ...)
-	- linux <unfixed>
+	- linux 6.6.8-1
 	[bookworm] - linux 6.1.66-1
 	NOTE: https://git.kernel.org/linus/e2b706c691905fe78468c361aaabc719d0a496f1 (6.7-rc4)
 CVE-2023-6931 (A heap out-of-bounds write vulnerability in the Linux kernel's Perform ...)
-	- linux <unfixed>
+	- linux 6.6.8-1
 	NOTE: https://git.kernel.org/linus/382c27f4ed28f803b1f1473ac2d8db0afc795a1b (6.7-rc5)
 CVE-2023-6913 (A session hijacking vulnerability has been detected in the Imou Life a ...)
 	NOT-FOR-US: Imou Life application
@@ -917,7 +917,7 @@ CVE-2023-6920
 CVE-2023-6911 (Multiple WSO2 products have been identified as vulnerable due to impro ...)
 	NOT-FOR-US: WSO2
 CVE-2023-6817 (A use-after-free vulnerability in the Linux kernel's netfilter: nf_tab ...)
-	- linux <unfixed>
+	- linux 6.6.8-1
 	[buster] - linux <not-affected> (Vulnerable code not present)
 	NOTE: https://git.kernel.org/linus/317eb9685095678f2c9f5a8189de698c5354316a (6.7-rc5)
 CVE-2023-6778 (Cross-site Scripting (XSS) - Stored in GitHub repository allegroai/cle ...)
@@ -3029,7 +3029,7 @@ CVE-2023-46932 (Heap Buffer Overflow vulnerability in GPAC version 2.3-DEV-rev61
 	NOTE: https://github.com/gpac/gpac/issues/2669
 	NOTE: https://github.com/gpac/gpac/commit/dfdf1681aae2f7b6265e58e97f8461a89825a74b
 CVE-2023-6622 (A null pointer dereference vulnerability was found in nft_dynset_init( ...)
-	- linux <unfixed>
+	- linux 6.6.8-1
 	[bullseye] - linux <not-affected> (Vulnerable code not present)
 	[buster] - linux <not-affected> (Vulnerable code not present)
 	NOTE: https://git.kernel.org/linus/3701cd390fd731ee7ae8b8006246c8db82c72bea
@@ -3508,7 +3508,7 @@ CVE-2023-41106 (An issue was discovered in Zimbra Collaboration (ZCS) before 10.
 CVE-2023-40238 (A LogoFAIL issue was discovered in BmpDecoderDxe in Insyde InsydeH2O w ...)
 	NOT-FOR-US: Insyde
 CVE-2023-6560 (An out-of-bounds memory access flaw was found in the io_uring SQ/CQ ri ...)
-	- linux <unfixed>
+	- linux 6.6.8-1
 	[bookworm] - linux <not-affected> (Vulnerable code not present)
 	[bullseye] - linux <not-affected> (Vulnerable code not present)
 	[buster] - linux <not-affected> (Vulnerable code not present)
@@ -6475,7 +6475,7 @@ CVE-2023-6174 (SSH dissector crash in Wireshark 4.0.0 to 4.0.10 allows denial of
 	NOTE: https://www.wireshark.org/security/wnpa-sec-2023-28.html
 	NOTE: https://gitlab.com/wireshark/wireshark/-/issues/19369
 CVE-2023-6121 (An out-of-bounds read vulnerability was found in the NVMe-oF/TCP subsy ...)
-	- linux <unfixed>
+	- linux 6.6.8-1
 	[bookworm] - linux 6.1.64-1
 	NOTE: https://lore.kernel.org/linux-nvme/b58a2dc6-cc8f-4d19-9efe-e1d5b4505efc@nvidia.com/T/
 	NOTE: https://lore.kernel.org/linux-nvme/CAK5usQvxAyC3LJ4OnqerS1P0JpbfFr9uRZmq6Jb4QhaB7AQCoQ@mail.gmail.com/T/



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5eaa7c9ee049bfcb933959c630bd1feb81f545a7

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5eaa7c9ee049bfcb933959c630bd1feb81f545a7
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20231222/528f01ba/attachment.htm>