Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
3e0ad5ec by Salvatore Bonaccorso at 2023-06-15T06:31:03+02:00
Update CVE-2023-33250/linux as this now affects sid
With the 6.3.7 upload to unstable the issue get's introduced as well in
unstable. Not yet in trixie, but this is transiently not marked
corrently until 6.3.7 migrates to testing.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -2570,7 +2570,10 @@ CVE-2023-33252 (iden3 snarkjs through 0.6.11 allows
double spending because ther
CVE-2023-33251 (When Akka HTTP before 10.5.2 accepts file uploads via the
FileUploadDi ...)
NOT-FOR-US: Akka HTTP
CVE-2023-33250 (The Linux kernel 6.3 has a use-after-free in
iopt_unmap_iova_range in ...)
- - linux <not-affected> (Vulnerable code introduced later)
+ - linux <unfixed>
+ [bookworm] - linux <not-affected> (Vulnerable code introduced later)
+ [bullseye] - linux <not-affected> (Vulnerable code introduced later)
+ [buster] - linux <not-affected> (Vulnerable code introduced later)
NOTE: https://groups.google.com/g/syzkaller/c/G6P9yecsTZ8/m/iiqFVOM9BwAJ
NOTE:
https://lore.kernel.org/linux-iommu/ZDabT%2FuRl%2FjxFhm0%40ip-172-31-85-199.ec2.internal/T/
CVE-2023-33236 (MXsecurity version 1.0 is vulnearble to hardcoded credential
vulnerabi ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3e0ad5ec4769b2f30b9d02908c974f1e8d2b12f3
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3e0ad5ec4769b2f30b9d02908c974f1e8d2b12f3
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
