[Git][security-tracker-team/security-tracker][master] Update status for CVE-2019-2025/linux
Salvatore Bonaccorso
carnil at debian.org
Fri Apr 26 08:25:25 BST 2019
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
0ae0490d by Salvatore Bonaccorso at 2019-04-26T07:24:29Z
Update status for CVE-2019-2025/linux
stretch and jessie versions are actually not affected as the issue was
introduced later in upstream in 4.14.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -24910,8 +24910,8 @@ CVE-2019-2026 (In updateAssistMenuItems of Editor.java, there is a possible esca
CVE-2019-2025 [binder: fix race that allows malicious free of live buffer]
RESERVED
- linux 4.19.9-1
- [stretch] - linux <ignored> (Binder is not enabled)
- [jessie] - linux <ignored> (Binder is not enabled)
+ [stretch] - linux <not-affected> (Vulnerability introduced later)
+ [jessie] - linux <not-affected> (Vulnerability introduced later)
NOTE: Fixed by: https://git.kernel.org/linus/7bada55ab50697861eee6bb7d60b41e68a961a9c (4.20-rc5)
CVE-2019-2024 [media: em28xx: Fix use-after-free when disconnecting]
RESERVED
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/0ae0490de90b5f9be220afb94d2ecae132bd335a
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/0ae0490de90b5f9be220afb94d2ecae132bd335a
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190426/9adc25ca/attachment-0001.html>
More information about the debian-security-tracker-commits
mailing list