add sample CVE .json file to test against

1 files changed, 58 insertions, 0 deletions

diff --git a/scripts/CVE-2024-0000.json b/scripts/CVE-2024-0000.json
new file mode 100644
index 00000000..286fa97c
--- /dev/null
+++ b/scripts/CVE-2024-0000.json
@@ -0,0 +1,58 @@
+{
+    "containers": {
+        "cna": {
+            "affected": [
+                {
+                    "defaultStatus": "unaffected",
+                    "product": "Linux",
+                    "vendor": "Linux",
+                    "versions": [
+                        {
+                            "lessThan": "6.7",
+                            "status": "affected",
+                            "version": "0",
+                            "versionType": "custom"
+                        }
+                    ]
+                }
+            ],
+            "descriptions": [
+                {
+                    "lang": "en",
+                    "supportingMedia": [
+                        {
+                            "base64": false,
+                            "type": "text/html",
+                            "value": "<p>It's not safe to call nfsd_put once nfsd_last_thread has been called, as</p><p>that function will zero out the nn-&gt;nfsd_serv pointer.</p><p>Drop the nfsd_put helper altogether and open-code the svc_put in its</p><p>callers instead. That allows us to not be reliant on the value of that</p><p>pointer when handling an error.</p><p>Fixes: 2a501f55cd64 (\"nfsd: call nfsd_last_thread() before final nfsd_put()\")</p><p>Reported-by: Zhi Li &lt;yieli@redhat.com&gt;</p><p>Cc: NeilBrown &lt;neilb@suse.de&gt;</p><p>Signed-off-by: Jeffrey Layton &lt;jlayton@redhat.com&gt;</p><p>Signed-off-by: Chuck Lever &lt;chuck.lever@oracle.com&gt;</p>"
+                        }
+                    ],
+                    "value": "It's not safe to call nfsd_put once nfsd_last_thread has been called, as\n\nthat function will zero out the nn->nfsd_serv pointer.\n\nDrop the nfsd_put helper altogether and open-code the svc_put in its\n\ncallers instead. That allows us to not be reliant on the value of that\n\npointer when handling an error.\n\nFixes: 2a501f55cd64 (\"nfsd: call nfsd_last_thread() before final nfsd_put()\")\n\nReported-by: Zhi Li <yieli@redhat.com>\n\nCc: NeilBrown <neilb@suse.de>\n\nSigned-off-by: Jeffrey Layton <jlayton@redhat.com>\n\nSigned-off-by: Chuck Lever <chuck.lever@oracle.com>\n\n"
+                }
+            ],
+            "providerMetadata": {
+                "orgId": "00000000-0000-4000-9000-000000000000"
+            },
+            "references": [
+                {
+                    "url": "https://git.kernel.org/torvalds/c/64e6304169f1e1f078e7f0798033f80a7fb0ea46"
+                }
+            ],
+            "source": {
+                "discovery": "UNKNOWN"
+            },
+            "title": "nfsd: drop the nfsd_put helper",
+            "x_generator": {
+                "engine": "Vulnogram 0.1.0-dev"
+            }
+        }
+    },
+    "cveMetadata": {
+        "assignerOrgId": "00000000-0000-4000-9000-000000000000",
+        "cveId": "CVE-2024-0000",
+        "requesterUserId": "00000000-0000-4000-9000-000000000000",
+        "serial": 1,
+        "state": "PUBLISHED"
+    },
+    "dataType": "CVE_RECORD",
+    "dataVersion": "5.0"
+}
\ No newline at end of file