[Git][security-tracker-team/security-tracker][master] Update CVE-2023-33250/linux as this now affects sid
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Thu Jun 15 05:32:35 BST 2023
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
3e0ad5ec by Salvatore Bonaccorso at 2023-06-15T06:31:03+02:00
Update CVE-2023-33250/linux as this now affects sid
With the 6.3.7 upload to unstable the issue get's introduced as well in
unstable. Not yet in trixie, but this is transiently not marked
corrently until 6.3.7 migrates to testing.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -2570,7 +2570,10 @@ CVE-2023-33252 (iden3 snarkjs through 0.6.11 allows double spending because ther
CVE-2023-33251 (When Akka HTTP before 10.5.2 accepts file uploads via the FileUploadDi ...)
NOT-FOR-US: Akka HTTP
CVE-2023-33250 (The Linux kernel 6.3 has a use-after-free in iopt_unmap_iova_range in ...)
- - linux <not-affected> (Vulnerable code introduced later)
+ - linux <unfixed>
+ [bookworm] - linux <not-affected> (Vulnerable code introduced later)
+ [bullseye] - linux <not-affected> (Vulnerable code introduced later)
+ [buster] - linux <not-affected> (Vulnerable code introduced later)
NOTE: https://groups.google.com/g/syzkaller/c/G6P9yecsTZ8/m/iiqFVOM9BwAJ
NOTE: https://lore.kernel.org/linux-iommu/ZDabT%2FuRl%2FjxFhm0%40ip-172-31-85-199.ec2.internal/T/
CVE-2023-33236 (MXsecurity version 1.0 is vulnearble to hardcoded credential vulnerabi ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3e0ad5ec4769b2f30b9d02908c974f1e8d2b12f3
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3e0ad5ec4769b2f30b9d02908c974f1e8d2b12f3
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230615/8ea5168e/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list