[Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2024-2314/bpfcc: buster not-affected

Sylvain Beucler (@beuc) beuc at debian.org
Wed Mar 13 17:51:37 GMT 2024 


Sylvain Beucler pushed to branch master at Debian Security Tracker / security-tracker


Commits:
3c29b571 by Sylvain Beucler at 2024-03-13T18:43:37+01:00
CVE-2024-2314/bpfcc: buster not-affected

- - - - -
e2f4acec by Sylvain Beucler at 2024-03-13T18:50:56+01:00
CVE-2024-2313/bpftrace: buster not-affected

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -643,12 +643,16 @@ CVE-2024-2314 (If kernel headers need to be extracted, bcc will attempt to load
 	- bpfcc <unfixed>
 	[bookworm] - bpfcc <no-dsa> (Minor issue)
 	[bullseye] - bpfcc <no-dsa> (Minor issue)
+	[buster] - bpfcc <not-affected> (Vulnerable code introduced later)
 	NOTE: https://github.com/iovisor/bcc/commit/008ea09e891194c072f2a9305a3c872a241dc342
+	NOTE: Introduced by: https://github.com/iovisor/bcc/commit/ae92f3ddb6aa5b81c750abf3540b99f24d219e67 (v0.10.0)
 CVE-2024-2313 (If kernel headers need to be extracted, bpftrace will attempt to load  ...)
 	- bpftrace <unfixed>
 	[bookworm] - bpftrace <no-dsa> (Minor issue)
 	[bullseye] - bpftrace <no-dsa> (Minor issue)
+	[buster] - bpftrace <not-affected> (Vulnerable code introduced later)
 	NOTE: https://github.com/bpftrace/bpftrace/commit/4be4b7191acb8218240e6b7178c30fa8c9b59998
+	NOTE: Introduced by: https://github.com/bpftrace/bpftrace/commit/896fafbe925385500c6626b19348739142944b88 (v0.9.3)
 CVE-2024-2184 (Buffer overflow in identifier field of WSD probe request process of Sm ...)
 	NOT-FOR-US: Small Office Multifunction Printers and Laser Printers (Canon)
 CVE-2024-28823 (Amazon AWS aws-js-s3-explorer (aka AWS JavaScript S3 Explorer) 1.0.0 a ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/a80cc6f01ee022017c37086b6a7560f157824556...e2f4acec090ac5abdce821e7f81b95f05996c267

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/a80cc6f01ee022017c37086b6a7560f157824556...e2f4acec090ac5abdce821e7f81b95f05996c267
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240313/5a493710/attachment.htm>

More information about the debian-security-tracker-commits mailing list