[Git][security-tracker-team/security-tracker][master] Track CVE fixes for linux upload to unstable

Salvatore Bonaccorso carnil at debian.org
Sat Dec 28 16:42:12 GMT 2019 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
258d1877 by Salvatore Bonaccorso at 2019-12-28T16:41:43Z
Track CVE fixes for linux upload to unstable

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -6311,7 +6311,7 @@ CVE-2019-19333 (In all versions of libyang before 1.0-r5, a stack-based buffer o
 	NOTE: https://github.com/CESNET/libyang/commit/f6d684ade99dd37b21babaa8a856f64faa1e2e0d
 CVE-2019-19332 [KVM: x86: fix out-of-bounds write in KVM_GET_EMULATED_CPUID]
 	RESERVED
-	- linux <unfixed>
+	- linux 5.4.6-1
 	NOTE: https://git.kernel.org/linus/433f4ba1904100da65a311033f17a9bf586b287e
 CVE-2019-19331 (knot-resolver before version 4.3.0 is vulnerable to denial of service  ...)
 	- knot-resolver <unfixed> (bug #946181)
@@ -6339,7 +6339,7 @@ CVE-2019-19320
 CVE-2019-19319 (In the Linux kernel 5.0.21, a setxattr operation, after a mount of a c ...)
 	- linux 5.3.15-1
 CVE-2019-19318 (In the Linux kernel 5.3.11, mounting a crafted btrfs image twice can c ...)
-	- linux <unfixed>
+	- linux 5.4.6-1
 CVE-2019-19317 (lookupName in resolve.c in SQLite 3.30.1 omits bits from the colUsed b ...)
 	- sqlite3 <not-affected> (Generated column support was added with SQLite version 3.31.0)
 	NOTE: Fixed by: https://github.com/sqlite/sqlite/commit/522ebfa7cee96fb325a22ea3a2464a63485886a8
@@ -6984,7 +6984,7 @@ CVE-2019-19083 (Memory leaks in *clock_source_create() functions under drivers/g
 	[jessie] - linux <not-affected> (Vulnerable code not present)
 	NOTE: https://git.kernel.org/linus/055e547478a11a6360c7ce05e2afc3e366968a12
 CVE-2019-19082 (Memory leaks in *create_resource_pool() functions under drivers/gpu/dr ...)
-	- linux <unfixed>
+	- linux 5.4.6-1
 	[stretch] - linux <not-affected> (Vulnerable code not present)
 	[jessie] - linux <not-affected> (Vulnerable code not present)
 	NOTE: https://git.kernel.org/linus/104c307147ad379617472dd91a5bcb368d72bd6d
@@ -7008,7 +7008,7 @@ CVE-2019-19078 (A memory leak in the ath10k_usb_hif_tx_sg() function in drivers/
 	[stretch] - linux <not-affected> (Vulnerable code not present)
 	[jessie] - linux <not-affected> (Vulnerable code not present)
 CVE-2019-19077 (A memory leak in the bnxt_re_create_srq() function in drivers/infiniba ...)
-	- linux <unfixed>
+	- linux 5.4.6-1
 	[stretch] - linux <not-affected> (Vulnerable code not present)
 	[jessie] - linux <not-affected> (Vulnerable code not present)
 	NOTE: https://git.kernel.org/linus/4a9d46a9fe14401f21df69cea97c62396d5fb053
@@ -7022,18 +7022,18 @@ CVE-2019-19075 (A memory leak in the ca8210_probe() function in drivers/net/ieee
 	- linux 5.3.9-1 (unimportant)
 	NOTE: https://git.kernel.org/linus/6402939ec86eaf226c8b8ae00ed983936b164908
 CVE-2019-19074 (A memory leak in the ath9k_wmi_cmd() function in drivers/net/wireless/ ...)
-	- linux <unfixed>
+	- linux 5.4.6-1
 	NOTE: https://git.kernel.org/linus/728c1e2a05e4b5fc52fab3421dce772a806612a2
 CVE-2019-19073 (Memory leaks in drivers/net/wireless/ath/ath9k/htc_hst.c in the Linux  ...)
-	- linux <unfixed>
+	- linux 5.4.6-1
 	NOTE: https://git.kernel.org/linus/853acf7caf10b828102d92d05b5c101666a6142b
 CVE-2019-19072 (A memory leak in the predicate_parse() function in kernel/trace/trace_ ...)
-	- linux <unfixed>
+	- linux 5.4.6-1
 	[stretch] - linux <not-affected> (Vulnerable code not present)
 	[jessie] - linux <not-affected> (Vulnerable code not present)
 	NOTE: https://git.kernel.org/linus/96c5c6e6a5b6db592acae039fed54b5c8844cd35
 CVE-2019-19071 (A memory leak in the rsi_send_beacon() function in drivers/net/wireles ...)
-	- linux <unfixed>
+	- linux 5.4.6-1
 	[stretch] - linux <not-affected> (Vulnerable code not present)
 	[jessie] - linux <not-affected> (Vulnerable code not present)
 CVE-2019-19070 (** DISPUTED ** A memory leak in the spi_gpio_probe() function in drive ...)
@@ -7062,7 +7062,7 @@ CVE-2019-19064 (** DISPUTED ** A memory leak in the fsl_lpspi_probe() function i
 CVE-2019-19063 (Two memory leaks in the rtl_usb_probe() function in drivers/net/wirele ...)
 	- linux <unfixed> (unimportant)
 CVE-2019-19062 (A memory leak in the crypto_report() function in crypto/crypto_user_ba ...)
-	- linux <unfixed>
+	- linux 5.4.6-1
 CVE-2019-19061 (A memory leak in the adis_update_scan_mode_burst() function in drivers ...)
 	- linux 5.3.9-1 (unimportant)
 	NOTE: https://git.kernel.org/linus/9c0530e898f384c5d279bfcebd8bb17af1105873
@@ -7070,12 +7070,12 @@ CVE-2019-19060 (A memory leak in the adis_update_scan_mode() function in drivers
 	- linux 5.3.9-1 (unimportant)
 	NOTE: https://git.kernel.org/linus/ab612b1daf415b62c58e130cb3d0f30b255a14d0
 CVE-2019-19059 (Multiple memory leaks in the iwl_pcie_ctxt_info_gen3_init() function i ...)
-	- linux <unfixed>
+	- linux 5.4.6-1
 	[stretch] - linux <not-affected> (Vulnerable code not present)
 	[jessie] - linux <not-affected> (Vulnerable code not present)
 	NOTE: https://git.kernel.org/linus/0f4f199443faca715523b0659aa536251d8b978f
 CVE-2019-19058 (A memory leak in the alloc_sgtable() function in drivers/net/wireless/ ...)
-	- linux <unfixed>
+	- linux 5.4.6-1
 	[stretch] - linux <not-affected> (Vulnerable code not present)
 	[jessie] - linux <not-affected> (Vulnerable code not present)
 	NOTE: https://git.kernel.org/linus/b4b814fec1a5a849383f7b3886b654a13abbda7d
@@ -7084,7 +7084,7 @@ CVE-2019-19057 (Two memory leaks in the mwifiex_pcie_init_evt_ring() function in
 CVE-2019-19056 (A memory leak in the mwifiex_pcie_alloc_cmdrsp_buf() function in drive ...)
 	- linux <unfixed>
 CVE-2019-19055 (** DISPUTED ** A memory leak in the nl80211_get_ftm_responder_stats()  ...)
-	- linux <unfixed> (unimportant)
+	- linux 5.4.6-1 (unimportant)
 	[buster] - linux <not-affected> (Vulnerable code introduced later)
 	[stretch] - linux <not-affected> (Vulnerable code introduced later)
 	[jessie] - linux <not-affected> (Vulnerable code introduced later)
@@ -7683,7 +7683,7 @@ CVE-2019-18813 (A memory leak in the dwc3_pci_probe() function in drivers/usb/dw
 	NOTE: https://git.kernel.org/linus/9bbfceea12a8f145097a27d7c7267af25893c060
 	NOTE: No security impact since the issue is on the probe path.
 CVE-2019-18812 (A memory leak in the sof_dfsentry_write() function in sound/soc/sof/de ...)
-	- linux <unfixed> (unimportant)
+	- linux 5.4.6-1 (unimportant)
 	[buster] - linux <not-affected> (Vulnerable code not present)
 	[stretch] - linux <not-affected> (Vulnerable code not present)
 	[jessie] - linux <not-affected> (Vulnerable code not present)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/258d1877d579fc8feb19832c922aeaa7ec18029e

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/258d1877d579fc8feb19832c922aeaa7ec18029e
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20191228/99f2664e/attachment-0001.html>

More information about the debian-security-tracker-commits mailing list