Security tracker / CVE-2024-26836

CVE-2024-26836

platform/x86: think-lmi: Fix password opcode ordering for workstations

References

• Debian security tracker
• cve.org

Notes

 carnil> Introduced in 640a5fa50a42 ("platform/x86: think-lmi: Opcode support").
 carnil> Vulnerable versions: 5.17-rc1.

Bugs

Status

Branch	Status
upstream	released (6.8-rc6) [6f7d0f5fd8e440c3446560100ac4ff9a55eec340]
6.18-upstream-stable	N/A "Fixed before branching point"
6.17-upstream-stable	N/A "Fixed before branching point"
6.12-upstream-stable	N/A "Fixed before branching point"
6.8-upstream-stable	N/A "Fixed before branching point"
6.7-upstream-stable	released (6.7.7) [2bfbe1e0aed00ba51d58573c79452fada3f62ed4]
6.6-upstream-stable	released (6.6.55) [2deb10a99671afda30f834e95e5b992a805bba6a]
6.1-upstream-stable	needed
5.10-upstream-stable	N/A "Vulnerable code not present"
4.19-upstream-stable	N/A "Vulnerable code not present"
sid	released (6.7.7-1)
6.12-trixie-security	N/A "Fixed before branching point"
6.1-bookworm-security	needed
5.10-bullseye-security	N/A "Vulnerable code not present"
4.19-buster-security	N/A "Vulnerable code not present"