From 2e6f19ba0b482262350740e9097730ddcf4802ab Mon Sep 17 00:00:00 2001
From: Allen Pais
Date: Thu, 6 Feb 2025 15:27:20 +0000
Subject: [PATCH] Security Assessment: Reviewed multiple CVEs
This commit documents the assessment of the following CVEs: vulns/CVE-2023-52924.yml vulns/CVE-2023-52925.yml vulns/CVE-2025-21671.yml vulns/CVE-2025-21672.yml vulns/CVE-2025-21673.yml
Signed-off-by: Allen Pais
---
vulns/CVE-2023-52924.yml | 7 +++++++
vulns/CVE-2023-52925.yml | 7 +++++++
vulns/CVE-2025-21671.yml | 7 +++++++
vulns/CVE-2025-21672.yml | 7 +++++++
vulns/CVE-2025-21673.yml | 7 +++++++
5 files changed, 35 insertions(+)
create mode 100644 vulns/CVE-2023-52924.yml
create mode 100644 vulns/CVE-2023-52925.yml
create mode 100644 vulns/CVE-2025-21671.yml
create mode 100644 vulns/CVE-2025-21672.yml
create mode 100644 vulns/CVE-2025-21673.yml
diff --git a/vulns/CVE-2023-52924.yml b/vulns/CVE-2023-52924.yml
new file mode 100644
index 0000000..2936de0
--- /dev/null
+++ b/vulns/CVE-2023-52924.yml
@@ -0,0 +1,7 @@
+reachability: Local
+memory_corruption: False
+bug_class: Logical Error
+impact: DoS
+privileges_required: Low
+notes: inconsistency in handling expired elements during nftables set walks, leading to incorrect reference counting.
+author: Microsoft
diff --git a/vulns/CVE-2023-52925.yml b/vulns/CVE-2023-52925.yml
new file mode 100644
index 0000000..0af1dac
--- /dev/null
+++ b/vulns/CVE-2023-52925.yml
@@ -0,0 +1,7 @@
+reachability: Local
+memory_corruption: False
+bug_class: Logical Error
+impact: DoS
+privileges_required: Low
+notes: incorrect handling of expired elements in nftables, leading to unexpected failures in insertion operations.
+author: Microsoft
diff --git a/vulns/CVE-2025-21671.yml b/vulns/CVE-2025-21671.yml
new file mode 100644
index 0000000..1e854e9
--- /dev/null
+++ b/vulns/CVE-2025-21671.yml
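Review bot: The `notes` value in vulns/CVE-2023-52924.yml attributes the bug to incorrect reference counting, yet the record sets `memory_corruption: False` and `impact: DoS` without saying why. A miscounted reference can end as a leak or as a premature free, and only the first fits the fields as written; which one applies here is not visible from this file. I would add a clause to `notes` stating the direction of the miscount and the observed failure, so the classification can be checked against the upstream fix.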
@@ -0,0 +1,7 @@
+reachability: Local
+memory_corruption: True
+bug_class: Use-After-Free
+impact: Kernel Panic
+privileges_required: Low
+notes: `zram_meta_free` may access the freed table, leading to a use-after-free vulnerability causing kernel panic.
+author: Microsoft
diff --git a/vulns/CVE-2025-21672.yml b/vulns/CVE-2025-21672.yml
new file mode 100644
index 0000000..f622b31
--- /dev/null
+++ b/vulns/CVE-2025-21672.yml
@@ -0,0 +1,7 @@
+reachability: Local
+memory_corruption: False
+bug_class: Logical Error
+impact: Deadlock
+privileges_required: Low
+notes: merge preference rule failure, leading to a missing lock(inode lock) release.
+author: Micrsoft
diff --git a/vulns/CVE-2025-21673.yml b/vulns/CVE-2025-21673.yml
new file mode 100644
index 0000000..2c83935
--- /dev/null
+++ b/vulns/CVE-2025-21673.yml
@@ -0,0 +1,7 @@
+reachability: Local
+memory_corruption: True
+bug_class: Use-After-Free
+impact: Kernel Panic
+privileges_required: Low
+notes: `server->hostname` is freed while a background CIFS daemon thread is still using it, leading to a double-free scenario.
+author: Microsoft
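Review bot: The `notes` value in vulns/CVE-2025-21671.yml starts with a backtick, a character YAML reserves and does not allow at the start of an unquoted scalar, so a strict parser will reject the file; vulns/CVE-2025-21673.yml has the same problem. Wrap both values in double quotes (neither contains a double quote) or move the identifier away from the start of the text. Separately, `impact: Kernel Panic` here and in CVE-2025-21673 records only the crash for entries marked `memory_corruption: True`, while the nftables records use `DoS`; if the field has a fixed vocabulary, these values should follow it.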
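Review bot: `author: Micrsoft` in vulns/CVE-2025-21672.yml is misspelled, so any tooling that groups or filters records by author will treat it as a different party from the other four files; it should read `author: Microsoft`. The `notes` text also omits the affected subsystem, which the other records in this commit name (nftables, zram, CIFS). The phrase `lock(inode lock)` would read better as `inode lock`.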
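Review bot: The record in vulns/CVE-2025-21673.yml contradicts itself: `bug_class: Use-After-Free` and the first half of `notes` (a thread still using `server->hostname` after it is freed) describe a use-after-free, but the sentence ends with "leading to a double-free scenario". Make the two fields agree, either by ending the note with `leading to a use-after-free` or, if the upstream fix concerns a second free, by changing `bug_class`. Which of the two the upstream fix addresses is not visible from this file.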