Re: REJECTED: CVE-2022-48936: gso: do not skip outer ip header in case of ipip and net_failover

From: Greg Kroah-Hartman
Date: Sat Aug 31 2024 - 01:38:13 EST

Next message: Benno Lossin: "Re: [PATCH v6 09/26] rust: alloc: implement kernel `Box`"
Previous message: Tejun Heo: "Re: [PATCH v2 2/2 sched_ext/for-6.12] sched_ext: Use sched_clock_cpu() instead of rq_clock_task() in touch_core_sched()"
In reply to: Salvatore Bonaccorso: "Re: REJECTED: CVE-2022-48936: gso: do not skip outer ip header in case of ipip and net_failover"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Fri, Aug 30, 2024 at 10:28:58PM +0200, Salvatore Bonaccorso wrote:
> Hi Greg,
>
> On Fri, Aug 30, 2024 at 12:43:58PM +0200, Greg Kroah-Hartman wrote:
> >
> > CVE-2022-48936 has now been rejected and is no longer a valid CVE.
>
> While the CVE was alrady announced and the commit present in the
> vuln.s git repository for the rejection, it looks that
> https://www.cve.org/CVERecord?id=CVE-2022-48936 is still valid.
>
> Do you happen to know if this is only a temporary hickup on cve.org or
> is there still something missing for pushing it?

Odd, I don't know what went wrong. I've pushed the "reject this cve"
command to cve.org again and now it looks like it "stuck" and all should
be good.

Thanks for checking and letting me know!

greg k-h

Next message: Benno Lossin: "Re: [PATCH v6 09/26] rust: alloc: implement kernel `Box`"
Previous message: Tejun Heo: "Re: [PATCH v2 2/2 sched_ext/for-6.12] sched_ext: Use sched_clock_cpu() instead of rq_clock_task() in touch_core_sched()"
In reply to: Salvatore Bonaccorso: "Re: REJECTED: CVE-2022-48936: gso: do not skip outer ip header in case of ipip and net_failover"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]